urlscan.io logo urlscan.io
SecurityTrails logo

www.em.com.br Open in urlscan Pro
179.191.182.65  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.em.com.br/
Submission: On December 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 10 countries across 81 domains to perform 506 HTTP transactions. The main IP is 179.191.182.65, located in Offenbach, Germany and belongs to Azion Technologies Ltda., BR. The main domain is www.em.com.br. The Cisco Umbrella rank of the primary domain is 684797.
This is the only time www.em.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
63 179.191.182.65 52580 (Azion Tec...)
2 11 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
29 151.101.65.44 54113 (FASTLY)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f08... 32934 (FACEBOOK)
1 23.206.19.66 16625 (AKAMAI-AS)
5 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.138.1.25 16509 (AMAZON-02)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2600:9000:214... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.30 16509 (AMAZON-02)
1 18.66.27.14 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.70 16509 (AMAZON-02)
4 35.201.123.184 396982 (GOOGLE-CL...)
1 2600:9000:219... 16509 (AMAZON-02)
1 34.243.143.69 16509 (AMAZON-02)
5 151.101.1.44 54113 (FASTLY)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
2 13.32.99.59 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.245.222.29 16509 (AMAZON-02)
4 6 185.89.211.84 29990 (ASN-APPNEX)
11 2602:803:c003... 26667 (RUBICONPR...)
1 6 23.52.123.144 16625 (AKAMAI-AS)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 34.120.63.153 396982 (GOOGLE-CL...)
10 20 216.58.206.34 15169 (GOOGLE)
1 23.52.122.195 16625 (AKAMAI-AS)
2 6 3.75.62.37 16509 (AMAZON-02)
1 52.211.132.222 16509 (AMAZON-02)
3 7 104.18.36.155 13335 (CLOUDFLAR...)
1 23.213.168.238 16625 (AKAMAI-AS)
7 52.51.87.200 16509 (AMAZON-02)
1 52.70.125.191 14618 (AMAZON-AES)
1 35.158.30.42 16509 (AMAZON-02)
2 35.227.252.103 15169 (GOOGLE)
1 185.64.190.79 62713 (AS-PUBMATIC)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 46.228.174.117 56396 (AMOBEE)
1 69.166.1.66 27630 (AS-XFERNET)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 13.248.245.213 16509 (AMAZON-02)
1 52.16.39.70 16509 (AMAZON-02)
2 185.86.139.102 201081 (SMARTADSE...)
1 2 35.186.194.101 15169 (GOOGLE)
1 3.68.140.79 16509 (AMAZON-02)
3 3.66.82.152 16509 (AMAZON-02)
2 3.127.62.64 16509 (AMAZON-02)
2 4 69.173.144.139 26667 (RUBICONPR...)
4 23.52.120.27 16625 (AKAMAI-AS)
1 162.55.236.225 24940 (HETZNER-AS)
5 6 2607:ae80:4::25 26558 (FREEWHEEL)
1 8.2.110.17 46636 (NATCOWEB)
2 2a00:1450:400... 15169 (GOOGLE)
15 141.226.228.48 200478 (TABOOLA-AS)
25 2a00:1450:400... 15169 (GOOGLE)
6 104.18.111.252 13335 (CLOUDFLAR...)
1 65.9.66.43 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
6 34.102.185.99 396982 (GOOGLE-CL...)
2 2 34.197.7.44 14618 (AMAZON-AES)
1 2 178.250.1.9 44788 (ASN-CRITE...)
1 3 52.46.130.91 16509 (AMAZON-02)
1 2 151.101.130.49 54113 (FASTLY)
5 52.223.40.198 16509 (AMAZON-02)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
1 2804:564::1182 20044 (SA ESTADO...)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 198.47.127.19 3257 (GTT-BACKB...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 143.204.98.72 16509 (AMAZON-02)
33 2a00:1450:400... 15169 (GOOGLE)
2 143.204.215.89 16509 (AMAZON-02)
5 6 2a05:d018:d29... 16509 (AMAZON-02)
1 13.32.99.40 16509 (AMAZON-02)
3 34.149.50.64 396982 (GOOGLE-CL...)
4 23.52.120.246 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
15 52.54.58.110 14618 (AMAZON-AES)
3 34.98.64.218 396982 (GOOGLE-CL...)
2 4 54.247.4.160 16509 (AMAZON-02)
29 2a00:1450:400... 15169 (GOOGLE)
1 1 23.212.211.47 16625 (AKAMAI-AS)
1 1 18.134.84.25 16509 (AMAZON-02)
1 2 46.228.164.11 56396 (AMOBEE)
1 2620:116:800d... 16509 (AMAZON-02)
2 3 51.89.9.251 16276 (OVH)
4 142.250.185.98 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
16 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.190.0.66 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2 52.57.12.239 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:1af8:500... 60781 (LEASEWEB-...)
4 6 2600:9000:225... 16509 (AMAZON-02)
10 2a04:4e42::626 54113 (FASTLY)
1 13.32.27.40 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
1 2600:9000:223... 16509 (AMAZON-02)
3 2600:9000:206... 16509 (AMAZON-02)
506 109
63    179.191.182.65 (Offenbach, Germany)

ASN52580 (Azion Technologies Ltda., BR)
www.em.com.br
imgs2.uai.com.br
imgs.em.com.br
midias.em.com.br
css.em.com.br
barra.uai.com.br
11    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
29    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
c2.taboola.com
trc.taboola.com
hp.taboola.com
images.taboola.com
nr-events.taboola.com
videos.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
3    2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
3    2a00:1450:400c:c00::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
5    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    23.206.19.66 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-19-66.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
5    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
5    2606:4700:20::681a:d80 (United States)

ASN13335 (CLOUDFLARENET, US)
www.flipar.com.br
4    2600:9000:214f:2400:8:ced9:d0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed.dugout.com
4    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    18.66.27.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-14.vie50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
1    13.32.27.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net
launchpad.privacymanager.io
4    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
1    2600:9000:2190:3e00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
1    34.243.143.69 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-143-69.eu-west-1.compute.amazonaws.com
tv.springserve.com
5    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
pm-widget.taboola.com
vidstat.taboola.com
pips.taboola.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net
geo.privacymanager.io
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.245.222.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-222-29.lhr5.r.cloudfront.net
aax.amazon-adsystem.com
6    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
11    2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    23.52.123.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-123-144.deploy.static.akamaitechnologies.com
a.teads.tv
sync.teads.tv
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
20    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net
cm.g.doubleclick.net
1    23.52.122.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-122-195.deploy.static.akamaitechnologies.com
pixel.mathtag.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
pixel.advertising.com
1    52.211.132.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-132-222.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
7    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
dsum-sec.casalemedia.com
1    23.213.168.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-168-238.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    52.51.87.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
vid-io-dub.springserve.com
sync.springserve.com
1    52.70.125.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-125-191.compute-1.amazonaws.com
sync.bfmio.com
1    35.158.30.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-30-42.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    2600:1f18:612b:4280:6998:c3aa:1a9e:b5be (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pbs.publishers.tremorhub.com
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    52.16.39.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-39-70.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com
sync.sxp.smartclip.net
1    3.68.140.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    3.66.82.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.127.62.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-62-64.eu-central-1.compute.amazonaws.com
ih.adscale.de
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
4    23.52.120.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-27.deploy.static.akamaitechnologies.com
cs.media.net
contextual.media.net
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
6    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    8.2.110.17 (Greenfield, United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
15    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-match.taboola.com
sync.taboola.com
25    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    104.18.111.252 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
1    65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net
cnt.trvdp.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-10258-0.seg.t.tailtarget.com
b.t.tailtarget.com
t.tailtarget.com
2    34.197.7.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-7-44.compute-1.amazonaws.com
i.liadm.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    2804:564::1182 (Brazil)

ASN20044 (SA ESTADO DE MINAS, BR)
t.em.com.br
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    2a00:1450:4001:80e::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
csp.withgoogle.com
5    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    143.204.98.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-72.fra50.r.cloudfront.net
go.trvdp.com
33    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net
stg.truvidplayer.com
6    2a05:d018:d29:3601:11b1:8ae0:b180:1e1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net
s.trvdp.com
3    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
4    23.52.120.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-120-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
15    52.54.58.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-58-110.compute-1.amazonaws.com
p.trvdp.com
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    54.247.4.160 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-4-160.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
29    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    18.134.84.25 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-25.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
4    2600:9000:223f:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
16    2600:1f18:1aca:4280:ab5d:871:cd4c:9577 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
16    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
6    2a00:1450:400c:c0a::5e (Brussels, Belgium)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    52.57.12.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-12-239.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2a00:1450:4001:26::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr3---sn-4g5lznls.googlevideo.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2001:1af8:5000:b001::54 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
a-fds.youborafds01.com
6    2600:9000:225e:6400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
10    2a04:4e42::626 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
1    13.32.27.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-40.fra56.r.cloudfront.net
dugout.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
1    2600:9000:223e:e800:1b:6b7c:c940:93a1 (United States)

ASN16509 (AMAZON-02, US)
prd.jwpltx.com
3    2600:9000:206f:d600:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
Apex Domain
Subdomains		 Transfer
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
386 KB
62 googlesyndication.com
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
468 KB
62 em.com.br
www.em.com.br — Cisco Umbrella Rank: 684797
imgs.em.com.br
midias.em.com.br
css.em.com.br
t.em.com.br
2 MB
49 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
pm-widget.taboola.com — Cisco Umbrella Rank: 3686
c2.taboola.com — Cisco Umbrella Rank: 9052
trc.taboola.com — Cisco Umbrella Rank: 648
vidstat.taboola.com — Cisco Umbrella Rank: 3027
hp.taboola.com — Cisco Umbrella Rank: 22951
trc-events.taboola.com — Cisco Umbrella Rank: 2040
am-trc-events.taboola.com — Cisco Umbrella Rank: 15316
images.taboola.com — Cisco Umbrella Rank: 1870
nr-events.taboola.com — Cisco Umbrella Rank: 11107
videos.taboola.com — Cisco Umbrella Rank: 6055
imprammp.taboola.com — Cisco Umbrella Rank: 15008
am-vid-events.taboola.com — Cisco Umbrella Rank: 14680
am-match.taboola.com — Cisco Umbrella Rank: 15404
wf.taboola.com — Cisco Umbrella Rank: 3217
sync.taboola.com — Cisco Umbrella Rank: 1293
vidstatb.taboola.com — Cisco Umbrella Rank: 5135
pips.taboola.com — Cisco Umbrella Rank: 1659
1 MB
29 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
364 KB
24 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
205 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
42 KB
18 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 38270
go.trvdp.com — Cisco Umbrella Rank: 34674
s.trvdp.com — Cisco Umbrella Rank: 30609
p.trvdp.com — Cisco Umbrella Rank: 25583
137 KB
11 gstatic.com
www.gstatic.com
ssl.gstatic.com
csi.gstatic.com
58 KB
11 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
4 KB
10 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 71029
d.tailtarget.com — Cisco Umbrella Rank: 77929
tt-10258-0.seg.t.tailtarget.com — Cisco Umbrella Rank: 854964
b.t.tailtarget.com — Cisco Umbrella Rank: 60259
t.tailtarget.com — Cisco Umbrella Rank: 15832
28 KB
9 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 10927
s.seedtag.com — Cisco Umbrella Rank: 1600
155 KB
9 google.com
accounts.google.com — Cisco Umbrella Rank: 23
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
82 KB
8 springserve.com
tv.springserve.com — Cisco Umbrella Rank: 8793
vid-io-dub.springserve.com — Cisco Umbrella Rank: 11776
sync.springserve.com — Cisco Umbrella Rank: 3189
8 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
73 KB
7 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3965
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 5669
368 KB
7 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2808
entitlements.jwplayer.com — Cisco Umbrella Rank: 3715
9 KB
7 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1351
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
5 KB
6 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2994
275 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
610 KB
6 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
4 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1466
sync.teads.tv — Cisco Umbrella Rank: 1299
1 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
secure.adnxs.com — Cisco Umbrella Rank: 478
11 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
741 B
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
us-u.openx.net — Cisco Umbrella Rank: 491
805 B
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
cs.media.net — Cisco Umbrella Rank: 1381
contextual.media.net — Cisco Umbrella Rank: 665
3 KB
5 dugout.com
embed.dugout.com — Cisco Umbrella Rank: 73383
dugout.com — Cisco Umbrella Rank: 69967
200 KB
5 flipar.com.br
www.flipar.com.br
326 KB
5 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 32696
usr.navdmp.com — Cisco Umbrella Rank: 37984
cdn.navdmp.com — Cisco Umbrella Rank: 20813
sync2.navdmp.com — Cisco Umbrella Rank: 60002
6 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
57 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
255 KB
4 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3016
launchpad.privacymanager.io — Cisco Umbrella Rank: 2702
geo.privacymanager.io — Cisco Umbrella Rank: 2070
30 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
278 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
974 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
436 B
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
image8.pubmatic.com — Cisco Umbrella Rank: 661
image6.pubmatic.com — Cisco Umbrella Rank: 793
6 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
1 KB
3 adscale.de
js.adscale.de — Cisco Umbrella Rank: 6328
ih.adscale.de — Cisco Umbrella Rank: 4608
3 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
90 KB
3 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 117582
65 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 27502
18 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
141 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
843 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
736 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
41 KB
2 smartclip.net
sync.sxp.smartclip.net — Cisco Umbrella Rank: 12136
702 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
89 B
2 tremorhub.com
pbs.publishers.tremorhub.com — Cisco Umbrella Rank: 5609
759 B
2 uai.com.br
imgs2.uai.com.br
barra.uai.com.br
4 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3121
204 B
1 youborafds01.com
a-fds.youborafds01.com — Cisco Umbrella Rank: 14642
378 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 71
1 googlevideo.com
rr3---sn-4g5lznls.googlevideo.com — Cisco Umbrella Rank: 67613
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 5555
552 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 49153
607 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3915
595 B
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 415
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
14 KB
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3200
60 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1727
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
35 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 582
35 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 372
140 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 951
445 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 546
224 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 501
623 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1658
263 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 3022
44 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1556
78 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1472
100 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1808
418 B
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 9532
175 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3485
17 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
0 deep.bi Failed
scoring.deep.bi Failed
506 81
Domain Requested by
38 midias.em.com.br www.em.com.br
33 pagead2.googlesyndication.com www.em.com.br
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
embed.dugout.com
www.googletagservices.com
29 s0.2mdn.net www.em.com.br
imasdk.googleapis.com
s0.2mdn.net
25 tpc.googlesyndication.com www.em.com.br
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
20 cm.g.doubleclick.net 10 redirects ssum.casalemedia.com
googleads.g.doubleclick.net
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
17 www.em.com.br www.em.com.br
cdn.pn.vg
www.googletagmanager.com
16 pubads.g.doubleclick.net imasdk.googleapis.com
16 dt.adsafeprotected.com 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
15 p.trvdp.com www.em.com.br
14 cdn.taboola.com www.em.com.br
cdn.taboola.com
11 googleads.g.doubleclick.net www.em.com.br
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
pagead2.googlesyndication.com
11 fastlane.rubiconproject.com embed.dugout.com
11 securepubads.g.doubleclick.net 2 redirects www.em.com.br
securepubads.g.doubleclick.net
embed.dugout.com
www.googletagservices.com
7 trc-events.taboola.com cdn.taboola.com
www.em.com.br
6 ssl.p.jwpcdn.com embed.dugout.com
6 cdn.jwplayer.com 4 redirects embed.dugout.com
6 csi.gstatic.com imasdk.googleapis.com
6 pr-bh.ybp.yahoo.com 5 redirects 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
6 t.seedtag.com securepubads.g.doubleclick.net
t.seedtag.com
6 ads.stickyadstv.com 5 redirects ssum.casalemedia.com
6 vid-io-dub.springserve.com www.em.com.br
ssum.casalemedia.com
5 www.google.com 1 redirects securepubads.g.doubleclick.net
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 match.adsrvr.org ssum.casalemedia.com
imprammp.taboola.com
am-match.taboola.com
www.em.com.br
5 dsum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
googleads.g.doubleclick.net
5 sync.teads.tv 1 redirects www.em.com.br
googleads.g.doubleclick.net
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
5 ib.adnxs.com 3 redirects embed.dugout.com
googleads.g.doubleclick.net
5 www.flipar.com.br www.em.com.br
4 assets-jpcust.jwpsrv.com
4 cdnjs.cloudflare.com s0.2mdn.net
4 static.adsafeprotected.com 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
4 googleads4.g.doubleclick.net www.em.com.br
4 fw.adsafeprotected.com 2 redirects www.em.com.br
4 imasdk.googleapis.com s.trvdp.com
imasdk.googleapis.com
4 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
s.trvdp.com
4 www.googletagservices.com www.em.com.br
securepubads.g.doubleclick.net
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 ups.analytics.yahoo.com www.em.com.br
imprammp.taboola.com
4 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.googletagmanager.com www.em.com.br
www.googletagmanager.com
4 embed.dugout.com www.em.com.br
4 imgs.em.com.br www.em.com.br
3 videos-cloudfront-usp.jwpsrv.com embed.dugout.com
3 onetag-sys.com 2 redirects 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
3 us-u.openx.net googleads.g.doubleclick.net
3 s.seedtag.com embed.dugout.com
3 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
3 www.gstatic.com www.em.com.br
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
3 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
www.em.com.br
3 tt-10258-0.seg.t.tailtarget.com d.tailtarget.com
www.em.com.br
3 cs.media.net www.em.com.br
3 x.bidswitch.net www.em.com.br
am-match.taboola.com
3 d.tailtarget.com www.googletagmanager.com
www.em.com.br
d.tailtarget.com
3 trc.taboola.com embed.dugout.com
www.em.com.br
3 c.amazon-adsystem.com www.em.com.br
c.amazon-adsystem.com
3 connect.facebook.net www.em.com.br
connect.facebook.net
3 accounts.google.com www.em.com.br
accounts.google.com
3 cdn.pn.vg www.em.com.br
cdn.pn.vg
2 pm.w55c.net 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 wf.taboola.com embed.dugout.com
2 am-match.taboola.com vidstat.taboola.com
2 stg.truvidplayer.com embed.dugout.com
2 b.t.tailtarget.com d.tailtarget.com
2 static.xx.fbcdn.net www.facebook.com
2 ssl.gstatic.com accounts.google.com
2 fonts.googleapis.com 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
www.em.com.br
2 nr-events.taboola.com c2.taboola.com
www.em.com.br
2 um.simpli.fi 1 redirects ssum.casalemedia.com
2 sync-tm.everesttech.net 1 redirects ssum.casalemedia.com
2 dis.criteo.com 1 redirects ssum.casalemedia.com
2 i.liadm.com 2 redirects
2 am-trc-events.taboola.com www.em.com.br
2 www.google-analytics.com barra.uai.com.br
www.googletagmanager.com
2 pixel.rubiconproject.com 2 redirects
2 ih.adscale.de www.em.com.br
js.adscale.de
2 sync.sxp.smartclip.net 1 redirects www.em.com.br
2 ssbsync.smartadserver.com www.em.com.br
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
2 pbs.publishers.tremorhub.com 2 redirects
2 rtb.openx.net www.em.com.br
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
2 ssum.casalemedia.com 1 redirects tv.springserve.com
2 geo.privacymanager.io embed.dugout.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 css.em.com.br www.em.com.br
2 tag.navdmp.com www.em.com.br
tag.navdmp.com
1 prd.jwpltx.com
1 entitlements.jwplayer.com embed.dugout.com
1 dugout.com
1 a-fds.youborafds01.com embed.dugout.com
1 www.youtube.com
1 rr3---sn-4g5lznls.googlevideo.com
1 contextual.media.net
1 pips.taboola.com embed.dugout.com
1 ads.travelaudience.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 t.tailtarget.com www.em.com.br
1 secure.adnxs.com 1 redirects
1 cms.quantserve.com 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
1 r.turn.com 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 vidstatb.taboola.com www.em.com.br
1 s.trvdp.com go.trvdp.com
1 am-vid-events.taboola.com www.em.com.br
1 imprammp.taboola.com vidstat.taboola.com
1 go.trvdp.com cnt.trvdp.com
1 csp.withgoogle.com www.em.com.br
1 videos.taboola.com www.em.com.br
1 image6.pubmatic.com ads.pubmatic.com
1 images.taboola.com www.em.com.br
1 t.em.com.br www.em.com.br
1 www.facebook.com connect.facebook.net
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 hp.taboola.com embed.dugout.com
1 sync.admanmedia.com www.em.com.br
1 sync.springserve.com www.em.com.br
1 sync.richaudience.com www.em.com.br
1 match.sharethrough.com www.em.com.br
1 ads.yieldmo.com www.em.com.br
1 eb2.3lift.com www.em.com.br
1 sync.go.sonobi.com www.em.com.br
1 sync.1rx.io 1 redirects
1 bh.contextweb.com 1 redirects
1 image8.pubmatic.com www.em.com.br
1 pixel.advertising.com 1 redirects
1 cs.emxdgt.com www.em.com.br
1 sync.bfmio.com www.em.com.br
1 ads.pubmatic.com tv.springserve.com
1 rtb.gumgum.com tv.springserve.com
1 cms.analytics.yahoo.com 1 redirects
1 pixel.mathtag.com www.em.com.br
1 sync2.navdmp.com www.em.com.br
1 cdn.navdmp.com tag.navdmp.com
1 prebid.media.net embed.dugout.com
1 prebid-us.creativecdn.com embed.dugout.com
1 a.teads.tv embed.dugout.com
1 aax.amazon-adsystem.com embed.dugout.com
1 www.google.de www.em.com.br
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 gum.criteo.com cdn.taboola.com
1 c2.taboola.com www.em.com.br
1 tv.springserve.com embed.dugout.com
1 js.adscale.de embed.dugout.com
1 tags.t.tailtarget.com www.googletagmanager.com
1 barra.uai.com.br www.em.com.br
1 usr.navdmp.com tag.navdmp.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 launchpad-wrapper.privacymanager.io www.em.com.br
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 appleid.cdn-apple.com www.em.com.br
1 imgs2.uai.com.br www.em.com.br
1 code.jquery.com www.em.com.br
0 scoring.deep.bi Failed embed.dugout.com
506 156
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.em.com.br
AlphaSSL CA - SHA256 - G4		 2023-10-10 -
2024-11-10		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
pn.vg
GTS CA 1P5		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.uai.com.br
AlphaSSL CA - SHA256 - G4		 2023-10-10 -
2024-11-10		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-18 -
2023-12-17		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2023-11-08 -
2024-02-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
dugout.com
Amazon RSA 2048 M01		 2023-06-17 -
2024-07-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
*.adscale.de
Amazon RSA 2048 M01		 2023-06-09 -
2024-07-07		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M01		 2023-08-02 -
2024-08-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-07 -
2024-05-07		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-11-14 -
2024-01-23		 2 months crt.sh
*.youborafds01.com
Go Daddy Secure Certificate Authority - G2		 2023-10-11 -
2024-11-11		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-30 -
2024-09-30		 a year crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
jwpltx.com
Amazon RSA 2048 M03		 2023-10-12 -
2024-11-09		 a year crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh

This page contains 42 frames:

Primary Page: http://www.em.com.br/
Frame ID: 9CCC7D7B808AA3EE84335AB8E17D5334
Requests: 273 HTTP requests in this frame

Frame: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 50AB6561F509F122FAD4924B3D553347
Requests: 1 HTTP requests in this frame

Frame: https://barra.uai.com.br/centralizador.html?origem=http://www.em.com.br/
Frame ID: F3299F63F6D83CFADA6E0A0926E3671A
Requests: 2 HTTP requests in this frame

Frame: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 24FE9BB60CA39D7FA845761A5C6983A1
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 31931E99AE95D194A1B8D0FB065C6BAF
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Frame ID: 35EE774529F5CCF8052C7F1F0E47CC2B
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 07E5BBC5D23E67952449F73373384D92
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 448558F7541B3F57E084A85AC5DFC3A3
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6D791A641AC4997FC8510DCDAF0B5894
Requests: 1 HTTP requests in this frame

Frame: https://t.seedtag.com/t/1272-1710-01.js
Frame ID: 1AC949276964527A4DDA4745E55D7A3A
Requests: 3 HTTP requests in this frame

Frame: https://cnt.trvdp.com/js/869/6558.js
Frame ID: FA5930E1CEF405F1E53E38193005BB0F
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a8c90126cf82c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.em.com.br%252Ff24f699701a76c4%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Frame ID: B6C551ABC09295ABA6EE0ED78733B784
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_101456_409856&as=ZP%2FVEXg43xlDC9UmDDPeMg
Frame ID: 6C4EC7D92E75CAD9F56A6300F0AC02C4
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3AAA5C7633D0C4C3E7F1B556C9A743CB
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E11CEA3E5C5B15BEEF01AE96B8C1667
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: CB380DC0C93EF484EBAF5945D1D65FEF
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&cmcv=&pix=undefined&cb=1702160102071&uv=3364&tms=1702160102071&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=cb24ad61-4361-4840-86c1-8028184037d1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D4C566D0F851B7D8AB0D965850328949
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 8FC870349437EB010086D68F593654B5
Requests: 3 HTTP requests in this frame

Frame: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AB472FBA12A67B3AA2559F64E2B40377
Requests: 30 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9uEPrp8quvtQcLT1I49FPamsk3LmGB4XhicUrwBXfYjOMX7lMpzUvjM2U1zeFHpK8dgCYbxEEpKh76H-8dll3-cwTF5mhmSBvke02r7uglJ75Ai2pLwbLvXHZZj6TnKDDYQt198QpwkqWdxcUvXzLwQ4udAD90DJJCryaGVmqYCw47KpiV8AV_ppyWzcM1AYhDCFPOktEDNpXacQpl4A6UzohR12jb34fL3hgAd1elJmc0V4FMFGlQb122eEFpbY9xBBe4p-kND_TkHNFzKJevGjiEEBaLEwhVgjfwMmaQxV497F_AeyzLU6mfXkCUL7PEdZCgiPh505IHFAXASDr56g-JrSRheKd8r1fa823YkfU&sai=AMfl-YSter_qBP_u__eliVO7meIrH3hV16Nfqy78v0u3ZKJazbPcbnXf-BaYNwkRoldxG_3SFUSZiLMYB9cG7t0mpwZVCAV7C9cqmlI9_uqXQzDE22AlpzXdLSuAyl3dmsX5IM-oc8ltfmajEw&sig=Cg0ArKJSzKMuRdLsjFs1EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: FBFE34BCE3E7308B3C1677427AF878DA
Requests: 8 HTTP requests in this frame

Frame: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA80B20366FF591759C167ECABC4F744
Requests: 30 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 80B41229804FB71084D9E99132A825FE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNXwjKvoimbpynMlX8yDzv-AmxPM_i_Lwed91CTVF4hWxRftKBsYYy0DsRgq_fAg6cUDBWVQuiUZqVyyRTRMa4dPfBsvRIPfVC12B9sVaTnc4GskGrXBzYIwHQQc6Tw9b3FPvpcnxXrnspREf9g2IEV1dFTnZ53daybgEhDFLYi2rKqoiqA
Frame ID: 06EB37572CBD217CA3438EBF8075EB42
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNWC_KmeeUwOW7_tTd5TOuBQe6LQlhslSdjCV4zOp2dXoqBzVCOZWteGpOaIseHOQ_G2ZmCFaPrYoT34VDNELfpgiZdO1abaNKkB7PBRJ5LmXAXTx9heiJOwdgxENfxNFh8xu4hPMWRiM-EyxLr8zISHXKqNud6H88nb0QVaxn9DL7dl_A0
Frame ID: A950944F64B78DEB6D38D1CDC4EE01C9
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 78F9568E9C174C0799EE2AF8EF6C0BB3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F96594E78F9C6D60141D5D2B19E90F56
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: 73BAF9CF8F2A4913B221870124B76B61
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Frame ID: 7F5DAAE9C8249A778FCA245BCDC216F0
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 45541871664079205564D4F6DAFEFCA1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C5EF04C785A1474A97CEB21639D5AC06
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B88FE964125E5F8E4ADAC19F43C1203E
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Frame ID: F29F5DC199A80C69B0D6C62AC94F76B2
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2608EE8CC163CBBB027400E290E99FD0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 25742DC71F51F0A32EEC6F0D2C1ED93C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7FBA7CA2279176645DD0ACF234370D78
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Frame ID: D64A0A83F387E4188E4AB77E8CC7BD42
Requests: 15 HTTP requests in this frame

Frame: https://ih.adscale.de/map?ssl=1&format=video&gdpr_err=CMP_TIME_OUT&src=map_js
Frame ID: 1D55EEFBDB2B22FE900D761488E8C79C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 487D4916568C19C5BD6B5DC01278B85C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EC235BC01B36079325F540F2452EC277
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: BE6BFC583D8D5745E738CEABEB023D60
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_pt.html
Frame ID: 465ABEECDB089FD166E2D09202D7BEF0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4356F1FE64795429F431CE6ECF52D497
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jornal Estado de Minas | Notícias Online -

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

506
Requests

90 %
HTTPS

40 %
IPv6

81
Domains

156
Subdomains

109
IPs

10
Countries

8456 kB
Transfer

25684 kB
Size

67
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84942644869 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=84942644869&google_gid=CAESEK2U3NBcznQ6y1xOdnLhciU&google_cver=1
Request Chain 133
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 136
  • https://ssum.casalemedia.com/usermatch?s=191709&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Request Chain 138
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-dub.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D1%2526gdpr_consent%253D%2526us_privacy%253D%2526uuid%253D%2524UID HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=9153038471813428128
Request Chain 141
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
Request Chain 144
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=xc05lUZvt0dc&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Request Chain 145
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Request Chain 147
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=ae15e3505f334821999676bab5ab0668
Request Chain 152
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent= HTTP 302
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Request Chain 157
  • https://pixel.rubiconproject.com/token?pid=52948&gdpr=1&gdpr_consent=&us_privacy=&rk=dub HTTP 302
  • https://vid-io-dub.springserve.com/usersync?aid=1000025&uuid=LPYM6BXC-6-BJX0&gdpr=1
Request Chain 160
  • https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=1&_fw_gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000028&uuid=32d5e41d9416ce265cc4c5fae2cdaf&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Request Chain 178
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpj2CL26sk_QJrNQcM9SJv7wZpLuW0W_LJvCEAwp2-CxNV3C7htfE-CNFHDBqTLtk3A-hyndkAzM-FdwOYKCeJeYrh5b0VxWae6N7R6EnDGrHSB_mVAeqn4dJVOnT4pfvl2CeRhU9F12C_61huMWgH73d_Y0P4KbELEJqSrTp3ACGV72LOb8O-XjtOTZRWQ4Z-ZPxZIAncGBCe9R5PewP9YRp5abbXHvxZavsrzu-a7c1X2UEm-ZUp0w1Ov4TM5F-Nt9CKiA1SkZtANaXseRqWbR-DRsphDU2WOObzTXv0Vi1e6-oBFiDa9Q8qEiwiLcF5SInfQ21mq75JZV4XncpNaubgM-i3cQ&sai=AMfl-YSKcFam_M5c1tpDcTA-2Jcwan6thQ_WlyDDVeaOB0zzzMrchMdsMPHj6In4bgVmNM-9XUwN9vs3EvGqAK32eDRuGbKqaEYTJe67TOAh6cURxsab5H1r6ZpA38SKC1WUm7ayIxbjZRb5Rnw-zIZvkd2WMSeaSlx2Jus4140&sig=Cg0ArKJSzIeNkKDywDYjEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad/dot.gif HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Request Chain 181
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswteO7pPQq6k7MlvOX08l5cPVTvgZaCHH2b_JgaUWSfeqT49dh2gDUg80G-aV1pqGq8U5H60bA1dxsEGrXWNfWEWZluZ5qV7ds4WwX6bUEDmJHetuDHzUsMKg5Hr2YPHesabwDrlzU_s5aoKOHxzrwssNiNj2b1Z2fat1wzWHp4eKHafTDcRGqBlZ68KTLii6H0uP42JYnxwACiNoXdZTyIRSdOtii3kqC42AKLwqdY6cCum6l7be52B2MbTmk_u7oRKTgTTsSoRMNHS0VTnjwctYMzuZb2g_KrXcy6rH1d8FuHFkf0auR2PRPKXr_3O8Xvl_IEWZLOHCRk5RzgxjyUJpC1CKZ4m5P1g&sai=AMfl-YQ0FWmAMUOkzg008WqPLHXK8-2djKPHT1VeVXkkcM101I0XBXgESDTakalV0ENWJmPp1c1C3LBo6nik5REuoocfSY5Q0hAe5ZUXRoMoQVmjShiy8QNz3qkOrJDTQ6XWzwL0Uv7aJpAf4CTHkcLVSVzKnyEtUipbkAPgvzI&sig=Cg0ArKJSzFFdQRg7tZr4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad/dot.gif HTTP 302
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Request Chain 194
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXTm5Ym9aQ6m3Zi9HbN76QAA%265239&gpdr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXTm5Ym9aQ6m3Zi9HbN76QAA%265239&_li_chk=true&gpp_sid=&us_privacy=&gpdr=1&previous_uuid=bb42f87b7dca413abadb998f32eb1b1a HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 196
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 197
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXTm5Ym9aQ6m3Zi9HbN76QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1&gdpr=1
Request Chain 199
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=ZXTm5QAFvFUS0wBd
Request Chain 201
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 233
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 251
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
Request Chain 254
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
Request Chain 289
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTm5Ym9aQ6m3Zi9HbN76QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECffIoGTPDLgCKjWmiK9F-I&google_cver=1
Request Chain 291
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPQ41he-MRD7N0MvIs5Tujg&google_cver=1
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEB6rNW_EnVgbN84Inb5zzP4&google_cver=1
Request Chain 305
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
Request Chain 317
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Request Chain 324
  • https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=32d5e41d9416ce265cc4c5fae2cdaf&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1667_7311293824205594893&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/32d5e41d9416ce265cc4c5fae2cdaf?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-JyG2HA5E2oNUUjXt4Vh34w9YiFvLVsPuHTnZRTvp~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Request Chain 325
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=32d5e41d9416ce265cc4c5fae2cdaf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 336
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM_DamCsulEkLP5-X3BhybU&google_cver=1&google_push=AXcoOmT0EQyLYznV-hnP6253oD_qG4J5_5xJ9fL0U3keDJcWO3RFHTgZw_M7bvHafc6DQrT77Wg2EodGwWZpuG03tbXm1qAfLIX8iA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYwOTAyMDQzMjk2NDIzMTcxNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_DamCsulEkLP5-X3BhybU&google_cver=1
Request Chain 338
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJBh444fyGCg6vqABLekkqI&google_cver=1&google_push=AXcoOmRTFhe69ZokOLQa-zCntgAcjM6x0mSZf9ZkSjRemyrZUzjPSpGpuq8V8s2XdEJ481DNp4R4ccyVK_QKJocjRgkBEsilbfoWmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTFhe69ZokOLQa-zCntgAcjM6x0mSZf9ZkSjRemyrZUzjPSpGpuq8V8s2XdEJ481DNp4R4ccyVK_QKJocjRgkBEsilbfoWmw&google_hm=eS0uVG4uTF9KRTJwRnZMeHRLTlhGbzJuVGp3NUVKc1BPNH5B
Request Chain 339
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIluAescMrZFzsvgyefa28E&google_cver=1&google_push=AXcoOmRJWZsGaBpqQbfM2En92i_abAEDNBVFyQ5LR8bVuEEzoX0ZtBvoNzk7BlBwISQwsRlatg_R8JoHMP2Q68yjkGhYbBV8Az8uGA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRJWZsGaBpqQbfM2En92i_abAEDNBVFyQ5LR8bVuEEzoX0ZtBvoNzk7BlBwISQwsRlatg_R8JoHMP2Q68yjkGhYbBV8Az8uGA
Request Chain 341
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEECUdJQ3t8oU555TotCoc30&google_cver=1&google_push=AXcoOmRy0y1JBmB64z9sX4QE_AmQXbuV4-Kfj_HSFFsRzbOsU963fMLwsvpheN37ir_IkeIITlN9apozKkBxwq4aIJmiDNA-jcYQJMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRy0y1JBmB64z9sX4QE_AmQXbuV4-Kfj_HSFFsRzbOsU963fMLwsvpheN37ir_IkeIITlN9apozKkBxwq4aIJmiDNA-jcYQJMI HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 342
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHzl04Og-_djKauk4pgmUpg&google_cver=1&google_push=AXcoOmSeFHQHkdaa6ubyfbuT-1JY_5akdGi2QI2HnFYL7TFVE56tb7ExA_iYKHSNzdswwUPqjAPbJMaL7u6xYcVFfTDphWzjOX3AWQo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4&google_gid=CAESEHzl04Og-_djKauk4pgmUpg&google_cver=1&google_push=AXcoOmSeFHQHkdaa6ubyfbuT-1JY_5akdGi2QI2HnFYL7TFVE56tb7ExA_iYKHSNzdswwUPqjAPbJMaL7u6xYcVFfTDphWzjOX3AWQo
Request Chain 348
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20492285957&bidurl=http://www.em.com.br/&ias_dealId=&xsId=ABAjH0g2tYdpgUXWq1A4QZ1awDyz&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g2tYdpgUXWq1A4QZ1awDyz&adContainerId=brand_safety_5uZ0ZYbEGumcjuwPmuOZiAw&cbFunctionName=goog_wrapCb_5uZ0ZYbEGumcjuwPmuOZiAw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.em.com.br&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.em.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee,c:wloXGA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-29cln,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:44,oid:66327ee2-96e0-11ee-9cbe-f21e1b8de262,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0g2tYdpgUXWq1A4QZ1awDyz&ias_xappb=&adContainerId=brand_safety_5uZ0ZYbEGumcjuwPmuOZiAw&cbFunctionName=goog_wrapCb_5uZ0ZYbEGumcjuwPmuOZiAw&true_pb=
Request Chain 370
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20492285957&bidurl=http://www.em.com.br/&ias_dealId=&xsId=ABAjH0inHVy-3vtOlSXaSaSHhYa3&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0inHVy-3vtOlSXaSaSHhYa3&adContainerId=brand_safety_5uZ0ZeOcIvHOjuwP-8maoA8&cbFunctionName=goog_wrapCb_5uZ0ZeOcIvHOjuwP-8maoA8&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.em.com.br&adsafe_type=y&adsafe_url=http%3A%2F%2Fwww.em.com.br%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a,c:wloXJY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-px45d,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tXZ0kcm+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:664a745e-96e0-11ee-9748-92ac4c185884,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0inHVy-3vtOlSXaSaSHhYa3&ias_xappb=&adContainerId=brand_safety_5uZ0ZeOcIvHOjuwP-8maoA8&cbFunctionName=goog_wrapCb_5uZ0ZeOcIvHOjuwP-8maoA8&true_pb=
Request Chain 375
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFWfhsNo-ObqARN5nWffdcM&google_cver=1&google_push=AXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFWfhsNo-ObqARN5nWffdcM&google_cver=1&google_push=AXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 376
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEla2LZP4J0S1L5XacF8qMo&google_cver=1&google_push=AXcoOmTMG8ftG3s1oBsR8zH3lDZIK-81efJDgyJnahvYVhVjnhvJ8olzrrwfiE1XzjffBEf7vj35qgokHnuyWiRjOvS8zc8h9L8b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTMG8ftG3s1oBsR8zH3lDZIK-81efJDgyJnahvYVhVjnhvJ8olzrrwfiE1XzjffBEf7vj35qgokHnuyWiRjOvS8zc8h9L8b&google_hm=KtZFBiRiRpe22X3kIIq-H8c
Request Chain 377
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPCRYBvv0dJZGPy6ur6eF0I&google_cver=1&google_push=AXcoOmRVg1XR1C0kXg7Fl0G6T-L3pfASBtVQh4WjGIEdC8_eofrTUTz5Vt4CJb163VqwiI0J9axUcScZ7p8n94A8UAZh398nwp49pA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uCr8JUlqSCESmO9VYx63lg&google_push=AXcoOmRVg1XR1C0kXg7Fl0G6T-L3pfASBtVQh4WjGIEdC8_eofrTUTz5Vt4CJb163VqwiI0J9axUcScZ7p8n94A8UAZh398nwp49pA
Request Chain 380
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPXFzRAGmZyJ22Ega0h1s9s&google_cver=1&google_push=AXcoOmRa6hxTl8fNfWlgLaIu5yumJ249cjwARq8BrB528JovrmEsjsEtDtPdYxaEWnCQaGGiqBC9nFrBhC1KW-sxMC7gU_GsLrgviA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZTTZCWEMtNi1CSlgw&google_push=AXcoOmRa6hxTl8fNfWlgLaIu5yumJ249cjwARq8BrB528JovrmEsjsEtDtPdYxaEWnCQaGGiqBC9nFrBhC1KW-sxMC7gU_GsLrgviA
Request Chain 381
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIluAescMrZFzsvgyefa28E&google_cver=1&google_push=AXcoOmSUtlEmUB2yp5b3uXlJ1XSNH9mYF1lbGFTb8n8ao-19Iy41mPZpt1sm9MNSEeyLjaBUiH6OgQrlkAX0C4-RSQTkYGVdemE5pSw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSUtlEmUB2yp5b3uXlJ1XSNH9mYF1lbGFTb8n8ao-19Iy41mPZpt1sm9MNSEeyLjaBUiH6OgQrlkAX0C4-RSQTkYGVdemE5pSw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 442
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=01BW59M51Rc5Be5
Request Chain 445
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=932e5778-8bba-459a-a5a6-8d2d60784c5c&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Request Chain 494
  • https://cdn.jwplayer.com/strips/92tfutNX-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/92tfutNX-120.vtt
Request Chain 500
  • https://cdn.jwplayer.com/v2/media/92tfutNX/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-720.jpg
Request Chain 501
  • https://cdn.jwplayer.com/v2/media/92tfutNX/poster.jpg?width=480 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-480.jpg
Request Chain 509
  • https://cdn.jwplayer.com/v2/media/azknuln8/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/h4nownp9-120.jpg

506 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.em.com.br/ 		337 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.em.com.br/
Protocol
HTTP/1.1
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18bfbc6bfd7f9d48e49df3e5d05e4516feeb47bec96b1a8392d5a51ba10f13f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
*
Age
113
Cache-Control
public, max-age=120, s-maxage=604802
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 09 Dec 2023 22:14:59 GMT
ETag
W/"5ea805e0d1b247681eb15201c158fb7b"
Last-Modified
Sat, 09 Dec 2023 15:57:30 GMT
Server
AmazonS3
Strict-Transport-Security
max-age=63072000;includeSubDomains;preload
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish-v4
X-Cache2
HIT
X-Content-Type-Options
nosniff
X-UA-Device
desktop
X-Varnish
25567508 17442099
X-XSS-Protection
1; mode=block
X-host
dapress.s3-website-sa-east-1.amazonaws.com
X-host-orig
www.em.com.br
X-url
/home/em/public_html/_conteudo/home/index.html
content-security-policy
upgrade-insecure-requests
pragma
azion-debug-cache
x-amz-id-2
Nxl6mMYfgUrE5j41mZrVrImk1esMmKvUn+bERkosXBMwssWu8pYC5Vp1BSIHLzkxYe6RYueUg2E=
x-amz-request-id
S5QHCDD5X49BZV5G
x-amz-version-id
null
x-debug
XXXXXX
x-url-without-qs
/
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4506712d78f3da989391a382d199c5f861d140c61d73e0449f009b77c48c8907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30428
x-xss-protection
0
server
cafe
etag
974 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:14:59 GMT
prebid.js
www.em.com.br/frontend/assets/scripts/ 		275 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/frontend/assets/scripts/prebid.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4bc4b2d5be74e35ae8a2ef95ffa321bf0fc9baae937ae2e017eb42ea753b87f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/frontend/assets/scripts/prebid.js
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
37A0XN9JM3Q2KH70
age
313
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/frontend/assets/scripts/prebid.js
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
b3pLkazu8t9bruwL3KQeDuH3/LsSc7QrUGCREqONlGZMbGpR9pWSfT35FG4NIfu9ZZGvZgaj8sg=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 01 Nov 2023 17:20:31 GMT
server
AmazonS3
etag
W/"ec1e70bc0a5dacb7827d9503f541bd25"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
x-varnish
7110750 426012
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1557482
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230052-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702160100.819153,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 912389
taboola-push-sdk.js
cdn.taboola.com/webpush/publishers/1066966/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/webpush/publishers/1066966/taboola-push-sdk.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
capa.css
www.em.com.br/static/css/ 		413 KB
90 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/static/css/capa.css
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6c7b3f12d189ff1bd6aeb59bde7ab8b6008b509d7d5b57fbb755ebd0d21d13c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/static/css/capa.css
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
P9HYKZBZ64BBD4WV
age
313
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/static/css/capa.css
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
sd0CWVxDqc/hKu+9185Nv0T97TUZ0EPM7LuEthxcV01TjtdW0I1GqQQPr5yoZMzCojNbZmDJjbs=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 01 Nov 2023 17:20:40 GMT
server
AmazonS3
etag
W/"78e5063f653c3bc71d63ec18c09e5a93"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/css
x-varnish
5964300 851972
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
pushnews-launcher.js
cdn.pn.vg/push/ 		923 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/pushnews-launcher.js?appId=b98d1f1e-45a7-4109-8231-388e4bf117c0
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
1006
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 14 Feb 2023 18:33:43 GMT
server
cloudflare
etag
W/"3b0072743385c7b1bb595312ab9c3eab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9R6HuX8xRwXDHpaK%2BKMjswqQ7fbBAbFxSG%2FgxhvjnGp8Uq98MgiZJCUljn8p5eAMR7jGUPCNaigqUlYf8jojOSHe3q7elqkucBc4TNYyavZcAp9pPVVfsKdXO5rK4Wl4LXz1hrQSeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83309ab15faf9158-FRA
x-amz-cf-id
aSdnWjT2VmcQ1FGIKp9YTi0gM-o36HW_hFjX1FfzOQtkbZJ-9QJMjg==
logo-uai-mobile.svg
imgs2.uai.com.br/UAI_2018/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs2.uai.com.br/UAI_2018/logo-uai-mobile.svg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 04 Dec 2020 13:30:00 GMT
server
nginx
etag
W/"a2b7c26-1ce0-5b5a3792dc87a"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=604800
expires
Sat, 16 Dec 2023 22:15:00 GMT
client
accounts.google.com/gsi/ 		206 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6081e4a68d706af77c4c3573d0af5c023934bdb7cd1855d2a2576e6bd899fe32
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-VmMKnkZFT67Qv3dR2SOIzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-VmMKnkZFT67Qv3dR2SOIzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 09 Dec 2023 22:15:00 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
876f64800eddd600e46bf7b49c432bd929db8a738552559b2ea96e46ede87181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 22:15:00 GMT
content-md5
GLmmvN+7J+9Hm6kE/jLCPQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
+GIwWLdNEziC4zaClmmQhiq+KA3OJA82CUb8sxqIiO8FyRG215c1T0uE4DXTKR295nv9YaSOT4wknbLCF9WhWw==
x-fb-content-md5
6bc812c7df94f53cf9196501daa138ad
cross-origin-opener-policy
same-origin-allow-popups
etag
"d5e1e910efb20cd45703cab0aeb3cf11"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:32:48 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.19.66 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-19-66.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sat, 09 Dec 2023 22:15:00 GMT
Last-Modified
Wed, 06 Dec 2023 15:41:04 GMT
Server
Apple
ETag
W/"43171-1701877264092"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17356
devices-website.png
imgs.em.com.br/em/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/devices-website.png
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
8dc0df3dba239ddedac87859f71294ed080e4785e88d44566978c87f247dd456
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 30 Oct 2019 15:19:22 GMT
server
nginx
etag
W/"2265c7b6-26a6-5962241eb3cc6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Mon, 08 Jan 2024 22:15:00 GMT
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
2776
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83309ab15c3b9034-FRA
expires
Sat, 09 Dec 2023 22:28:44 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		270 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:50:29 GMT
content-encoding
gzip
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
last-modified
Tue, 05 Dec 2023 22:47:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1472
x-amz-server-side-encryption
AES256
etag
W/"aaba284d2b2910b9a4f56befae1e2e69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
IX-O4CxZNWLDoDdU2KA9-veG4y5fUTtZALuu7lxGRYqkKHvEg4jgdg==
1_53383544742_08775aa8e8_c-33053004.jpg
midias.em.com.br/_midias/jpg/2023/12/08/545x380/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/08/545x380/1_53383544742_08775aa8e8_c-33053004.jpg?20231208181023?20231208181023
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6fd9f240e0e9f6cb8ecf113864ccabd6da95814262acd2426b0cef78ed9b777
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/08/545x380/1_53383544742_08775aa8e8_c-33053004.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
B3JEB5BQHMWB76HH
age
17
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/08/545x380/1_53383544742_08775aa8e8_c-33053004.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
68799
x-amz-id-2
wKZ0PI27oAY7ROyvDj4TlSoeNiH2E4WMmDTy6ydv2PCrlbdoJ52XXWt5qx5QpnsEarOMmPlSvs8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 08 Dec 2023 21:07:32 GMT
server
AmazonS3
etag
"51f7d3a438ac802b091f74e7b5effb08"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
6521754 1217490
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_whatsapp_image_2023_12_08_at_17_39_45-33052716.jpeg
midias.em.com.br/_midias/jpg/2023/12/08/330x220/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/08/330x220/1_whatsapp_image_2023_12_08_at_17_39_45-33052716.jpeg?20231208174252?20231208174252
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f36185efe060f386c40a5f7175e6119beb87a3ea1d12679902938d22ae23277
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/08/330x220/1_whatsapp_image_2023_12_08_at_17_39_45-33052716.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
W5GQ2EW8DGXFERF7
age
21
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/08/330x220/1_whatsapp_image_2023_12_08_at_17_39_45-33052716.jpeg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
11350
x-amz-id-2
U+InASsdv7uKGi7tFPEbGXmxzeageNPSn+wVN1K3DwJeKW0DWJT20M9WIeUJu1mpgiXbLoG+ISE=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 08 Dec 2023 20:42:25 GMT
server
AmazonS3
etag
"bebc4c3984f2f27605d96c1e6373908d"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
959668 3476770
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_mulher_denuncia_ameaca_e_policia_descobre_arsenal_na_casa_do_suspeito-33068558.jpeg
midias.em.com.br/_midias/jpg/2023/12/09/330x220/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/330x220/1_mulher_denuncia_ameaca_e_policia_descobre_arsenal_na_casa_do_suspeito-33068558.jpeg?20231209114136?20231209114136
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7a643c364778798042a3f114d00ce30a8a3977a8d91a1f0ee6e5ff74a0c3c7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/330x220/1_mulher_denuncia_ameaca_e_policia_descobre_arsenal_na_casa_do_suspeito-33068558.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
5WVZTFD6PTHGXTC2
age
82
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/330x220/1_mulher_denuncia_ameaca_e_policia_descobre_arsenal_na_casa_do_suspeito-33068558.jpeg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
26559
x-amz-id-2
GVTL7UE/BdJa42sv53EiIXC9oXAWRdQx85k+0DEuUe7OmSVvKvLmWRY1dEMu1DsDiG+M5W42T2g=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:41:25 GMT
server
AmazonS3
etag
"eed5b5ab0973f72f26175efb4f0cf00c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
22320773 19424092
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
lindos-peixes-submarinos-e1693488758977.jpg
www.flipar.com.br/wp-content/uploads/2023/08/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/uploads/2023/08/lindos-peixes-submarinos-e1693488758977.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21123e5e3595be5a8a955cdad6e0c755176c4a82d4121f2f2e189f6ebd21df80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
38318
last-modified
Thu, 31 Aug 2023 13:32:39 GMT
server
cloudflare
x-frame-options
sameorigin
vary
Accept-Encoding,Accept
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPgiGMiriN%2BJ3DOPrfQ8Wtyv6IzWdizLiFIMP04vEIsKpIuwFou2ZWsyf6SSevn2%2FMswyaEcm87tpEFrLmzX%2FWShJG%2FPHZFbwOJvMJC7zQoFwkbARuIJKhOfrGGxrRyyubdkTnZZbBBQ11gsS1Kq"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
83309ab3ca902bfa-FRA
expires
Sun, 08 Dec 2024 22:15:00 GMT
01-site-European-Best-Destinations-Praias-da-Europa-site-European-Best-Destinations.jpg
www.flipar.com.br/wp-content/uploads/2023/07/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/uploads/2023/07/01-site-European-Best-Destinations-Praias-da-Europa-site-European-Best-Destinations.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e3058617b1953cfc91e7a267a2d4124ca7ba8651b071d19ee399be3cc176de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
70572
last-modified
Fri, 28 Jul 2023 22:13:25 GMT
server
cloudflare
x-frame-options
sameorigin
vary
Accept-Encoding,Accept
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqnvioqzTTRrN16C97wXkv6%2BKXzwAuaxjG4Zyvn6FgWTZPvb%2BUy7MSVw0RtH0r8wJsDr524UzuqJ%2FsEsBgwJnZZTX4Sr1cP9gTTXadLqjfnFnbJ0AXGfvxd9mT%2FU23huR5zv7cJNMmOrIdhF3nac"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
83309ab3ca922bfa-FRA
expires
Sun, 08 Dec 2024 22:15:00 GMT
triarthrus-nt-small-1-_Easy-Resize.com-1.jpg
www.flipar.com.br/wp-content/uploads/2023/11/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/uploads/2023/11/triarthrus-nt-small-1-_Easy-Resize.com-1.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c5755ac183cdaa5f800cbed4bc204132a31490c7386a399c8e158febae3e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=98597, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
95191
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Nov 2023 16:57:14 GMT
server
cloudflare
vary
Accept-Encoding,Accept
x-frame-options
sameorigin
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gemvj5XsNTvHHS1prWaVqqVqMhFuTNw3cOTnnKyxUU%2BNzJpELizdryma0PsLSDmHZJXFkaJI2vfq7ExlDwQYo%2Bidlo%2F1bRlN05yapIn2S%2FsogcMWO8LSXIovjqUCC4mg596F6WCjQJaWupXnioI8"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=10368000
accept-ranges
bytes
cf-ray
83309ab3ca8a2bfa-FRA
expires
Sun, 07 Apr 2024 22:15:00 GMT
tempestade-solar3.png
www.flipar.com.br/wp-content/uploads/2023/11/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/uploads/2023/11/tempestade-solar3.png
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9592277d735d99ffeb1eeeb8cb0010c95bee75dfe8356e1713ec09d031e430a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
60730
last-modified
Wed, 15 Nov 2023 13:59:19 GMT
server
cloudflare
x-frame-options
sameorigin
vary
Accept-Encoding,Accept
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZDGEqE%2BeJb6OYJsKLAjRTThioM92XKJxVM%2BxDpl36aCrjQDu7UOX1hMk7UlgoFwdHW%2FwUsaWWFz%2FimzEMJPjIGZmlQemb1sQrDgXWwDWOtfpazxXov00J9sZbhQePoOkqh8fZyB%2FaExiVleS1TU"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
83309ab3ca8e2bfa-FRA
expires
Sun, 08 Dec 2024 22:15:00 GMT
gladiador-1536x1013_Easy-Resize.com_.jpg
www.flipar.com.br/wp-content/uploads/2023/11/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flipar.com.br/wp-content/uploads/2023/11/gladiador-1536x1013_Easy-Resize.com_.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e39c9df5a54a998fdd43fdbb918eaddc07c3a5846a1bac5b6657eb7cef12b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
67148
last-modified
Tue, 28 Nov 2023 18:51:21 GMT
server
cloudflare
x-frame-options
sameorigin
vary
Accept-Encoding,Accept
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFxKWArYadnSQVjdZq%2FF8PtOT%2FoGGPFWdxuodOU%2FrRNN%2Fsj08fBxCD4KAADuk916OOzC3O5VJHIkfOj5UI%2FW1t7I2rQH2wwdU7LAhPGWYbLCIV0rSJiBHMNf39nXgLjfPAq3dyvnZpwtDbmcc6Rp"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
83309ab3ca942bfa-FRA
expires
Sun, 08 Dec 2024 22:15:00 GMT
1_logan_armstrong_hvhfqhdyciu_unsplash_e1673362763891-33070982.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_logan_armstrong_hvhfqhdyciu_unsplash_e1673362763891-33070982.jpg?20231209125531?20231209125531
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
491df0da96339bfbf33c6eb8c779b69a166ec96dea13127b5eaa0260de687d25
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_logan_armstrong_hvhfqhdyciu_unsplash_e1673362763891-33070982.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
D9TBSSPGZ4JRD3TH
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_logan_armstrong_hvhfqhdyciu_unsplash_e1673362763891-33070982.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
26766
x-amz-id-2
2VYeRswoFtmRrFH73edPrH5FRjNBR4rSLPTnuC00P4sG+aBVdF5ZLPIejWvOXqIAGPlG0rEc9w8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:56:48 GMT
server
AmazonS3
etag
"8484af9577dc9cc6850efcd943c3676c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
22232767
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_stop_g23144e8bf_1280-33070948.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_stop_g23144e8bf_1280-33070948.jpg?20231209125132?20231209125132
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba4d9cd21d6a6e5d0defbc1095265febc940cf4ccee12d1fdff83c8beab9938a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_stop_g23144e8bf_1280-33070948.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
T1DV04M1WBPR4HZB
age
56
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_stop_g23144e8bf_1280-33070948.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
30286
x-amz-id-2
4MFqkFa2/n7DCBuc6SIi36nSPJt1otgfHLHAV9zS/nhqZvfDQLOW4YyI8vg/P+t7HO19dtOV/eE=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:55:03 GMT
server
AmazonS3
etag
"d734b4037656f032774d09369cf36b81"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
22546356 26083375
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_arzachena_italia_e1700586304127-33070451.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_arzachena_italia_e1700586304127-33070451.jpg?20231209124043?20231209124043
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ed72cb0c9b312f83130d6d81032c227eee93b87e3cd0279366699c6ae1c033c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_arzachena_italia_e1700586304127-33070451.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYZCAKSWHQ63RP7
age
118
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_arzachena_italia_e1700586304127-33070451.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
15663
x-amz-id-2
IEvQ1bhVMeWcAHxc/2nTI0sAD5vpXhSgoA9wb4r5oenLSzrtCIsvAqzsBN8El6g47zer5NHMvIc=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:48:54 GMT
server
AmazonS3
etag
"6a9c6a24e71679018ebd242058fd5430"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
24082399 25761658
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_cinema_4857895_1280_e1671898246999-33070047.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_cinema_4857895_1280_e1671898246999-33070047.jpg?20231209123053?20231209123053
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd9e7a67b7118029754231ed69d1b6d001de819e4c28bbfe163bf2908284b5a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_cinema_4857895_1280_e1671898246999-33070047.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYQQDGAC57ZJNDY
age
118
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_cinema_4857895_1280_e1671898246999-33070047.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
47750
x-amz-id-2
0PGh3rT/s+JAn4apsq3mKaBdo0h48wxTzZrs9MZ11uRZx3EmfUEF96FPSjY66agYs/T60GVUVL4=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:48:54 GMT
server
AmazonS3
etag
"bd60a6c30dd2833620546b159bc49231"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
23910546 23843046
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_03_quimera-33069249.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_03_quimera-33069249.jpg?20231209122921?20231209122921
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63d3058bdbe760a4536348413642eb6f051581f4c534792a99a3396a547666df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_03_quimera-33069249.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYYZNGXHQ1QS6KS
age
118
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_03_quimera-33069249.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
13813
x-amz-id-2
HY2hAZU5E1M+UsOXpdsYBiUI7bGEwMYpU74rC8VlcnVzpBWRxX7ZuDSptKML1K4byQfZtT38o5E=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:48:53 GMT
server
AmazonS3
etag
"5ea72d15fa162a55b1ff01e7fa550257"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
24420240 25526285
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_19_carnaval_de_ouro_preto_mg_ane_souza_flickr-33069208.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_19_carnaval_de_ouro_preto_mg_ane_souza_flickr-33069208.jpg?20231209122537?20231209122537
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd234e0f1a3d0ca947feac17c9cdd2dfa4b25a901bc36e1a959d5e11aeac88da
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_19_carnaval_de_ouro_preto_mg_ane_souza_flickr-33069208.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYXJXCP8AVBQ2FR
age
118
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_19_carnaval_de_ouro_preto_mg_ane_souza_flickr-33069208.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
117936
x-amz-id-2
uGtc8edDdTBvsDnfHdXeV/qTnPqR2U8sJyBNq16fzlpFYg0ZQIjnLI+IQ+Se3xd8vVhDUuF4A+o=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:28:36 GMT
server
AmazonS3
etag
"e71a2146e4f67bb159f7509b2a45cfc2"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
23315481 5663787
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_canal_no_youtube_dreamyia_reproducao_youtube-33068656.jpeg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_canal_no_youtube_dreamyia_reproducao_youtube-33068656.jpeg?20231209121748?20231209121748
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
381a2b410397b19d91a5cc2d7c6f89675dfd1df296c241f923fb666e9364c598
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_canal_no_youtube_dreamyia_reproducao_youtube-33068656.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYX7RESCAX813BM
age
104
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_canal_no_youtube_dreamyia_reproducao_youtube-33068656.jpeg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
30770
x-amz-id-2
VN78pwT4EloUG48s+lufyqhhQsomsBHuZxsMXrGaiPrKCCGNPe4u6ww/cQt3nrghtQXYd84QYeA=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:20:41 GMT
server
AmazonS3
etag
"713e7387fc634172bd1e74b5cdd2e11f"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
18266349 25204902
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_06_carimbo_postal_da_aldeia_nome_longo_coal_town_guyr_wikimedia_commons-33066042.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_06_carimbo_postal_da_aldeia_nome_longo_coal_town_guyr_wikimedia_commons-33066042.jpg?20231209113505?20231209113505
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45f5a68fb3c11e426df0ca5e6f301787e25277e94bc79fbda41f3c501612b941
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_06_carimbo_postal_da_aldeia_nome_longo_coal_town_guyr_wikimedia_commons-33066042.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1S2RJ45ND36V00VJ
age
1
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_06_carimbo_postal_da_aldeia_nome_longo_coal_town_guyr_wikimedia_commons-33066042.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
61044
x-amz-id-2
uKA5SEtsWhTMK6MAdg5H8Ih9/0y2Chf/9YWg41A2y3dt++usuCRs+a6in4eE64ff3le8XjNVF8s=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:38:53 GMT
server
AmazonS3
etag
"3c18c2f009e87484798ca8718eff7f83"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
24294753 25200388
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_baia_do_sancho-33066001.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_baia_do_sancho-33066001.jpg?20231209113248?20231209113248
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e42fc1d3b5cc6cc1d1ec4117b9c4b4d0d44c6a1577c1eda448ad7953865b937d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_baia_do_sancho-33066001.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DFQRPRK8CND226ZX
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_baia_do_sancho-33066001.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
40702
x-amz-id-2
2IJgJlZr3fACrTCPgexAx4nAvktzp55+I2bV6xoWN98NTfNmabFhSp8cDkSLtTK5PZSU6LuBi1c=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:34:40 GMT
server
AmazonS3
etag
"d80f376be55969f70fea08d2e145bfad"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
21676271
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_island_g26f7979cb_1280_e1688679226241-33065340.jpg
midias.em.com.br/_midias/jpg/2023/12/09/215x215/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/215x215/1_island_g26f7979cb_1280_e1688679226241-33065340.jpg?20231209111934?20231209111934
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
650bf3c2fb45b48d09d3eb66e8d90c9d9b76987aa7d731d55cc7622880d95649
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/215x215/1_island_g26f7979cb_1280_e1688679226241-33065340.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
156FBDA6QZKPXGRH
age
76
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/215x215/1_island_g26f7979cb_1280_e1688679226241-33065340.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
93840
x-amz-id-2
9gNCi5wv9cSV5mqh0acOjZPawU1QU/Ml29QHZMUr/eTudk7xVJ69WPyazDCvuBs2Mbs/opEQu0I=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:21:09 GMT
server
AmazonS3
etag
"9614ac66909e3915e7ec73aba6d88d85"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
19479314 17355707
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_whatsapp_image_2023_12_09_at_11_23_45-33066960.jpeg
midias.em.com.br/_midias/jpg/2023/12/09/330x220/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/330x220/1_whatsapp_image_2023_12_09_at_11_23_45-33066960.jpeg?20231209113823?20231209113823
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b2d13001ce692a6ee1fa7c42f6820046b5bb2726f25a00cfdd804f697539267
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/330x220/1_whatsapp_image_2023_12_09_at_11_23_45-33066960.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
AWW8EAQBHX6JRWQ6
age
136
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/330x220/1_whatsapp_image_2023_12_09_at_11_23_45-33066960.jpeg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
24842
x-amz-id-2
ab4Hc/V5ZJV2phhZ747gnN+serfuTGlhhWfJczlEasuv3yjxCK/HU8NwkiE4FyJgRsV1Dy85jjk=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:24:49 GMT
server
AmazonS3
etag
"63f3e88fdd8f4cf7025c9c8939fd6e35"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
23699276 19481987
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
placeholder.png
www.em.com.br/static/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/static/placeholder.png
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec2b997f9a42928846dda27375896a0e2c3fb57724a22cf9f281826e7e29c0f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/static/placeholder.png
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
79NS6BFM6H6VSDBA
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/static/placeholder.png
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
3861
x-amz-id-2
/7j6xseOUikU55gUooNxVuGhyuOWWZ8D8SHA6GXR/1yFLjwMwGT+UrRqiGwWPFtn2HI56upbP9o=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 01 Nov 2023 17:20:40 GMT
server
AmazonS3
etag
"c97108c4ef484c6dbb6d52f6e0628107"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
x-varnish
198254
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_cleitinho-32531106.jpg
midias.em.com.br/_midias/jpg/2023/11/22/330x220/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/22/330x220/1_cleitinho-32531106.jpg?20231209104600?20231209104600
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad7e6af41a63849cd0614109b738f6f0a7cc5a9c54179e694aee3314e0350494
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/22/330x220/1_cleitinho-32531106.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
DQ4KJ04R2XR9N4KZ
age
193
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/22/330x220/1_cleitinho-32531106.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
15854
x-amz-id-2
Oh23orD0Ge+e/mLeb4NNDehKJG0wNAZdFu7q/AA0N5ZL5Clsskce3+jF2iYZ9u8zsWRtH3ZOYYA=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 22 Nov 2023 14:55:50 GMT
server
AmazonS3
etag
"de5b6bd3e1bfce298f3eea2139947ae8"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
24849816 22077576
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_lula_centrais_sindicais2_mcamgo_abr_180120231818_8-33064857.webp
midias.em.com.br/_midias/webp/2023/12/09/330x220/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/webp/2023/12/09/330x220/1_lula_centrais_sindicais2_mcamgo_abr_180120231818_8-33064857.webp?20231209103842?20231209103842
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
594b2d722e711f3cf77ca3a0a73d75a1d9f1553203ef2f45f1e423c4eb28f7db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/webp/2023/12/09/330x220/1_lula_centrais_sindicais2_mcamgo_abr_180120231818_8-33064857.webp
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
62A91V2J10GEEF3X
age
73
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/webp/2023/12/09/330x220/1_lula_centrais_sindicais2_mcamgo_abr_180120231818_8-33064857.webp
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
28006
x-amz-id-2
YOtJpXnMRm88VYE0//p8bQJW+Es83YiheiJQp0EtcTYYhDU8I2erIugtSTa45JmlGFjqgBVm5sk=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 13:39:06 GMT
server
AmazonS3
etag
"c76ca9b41d5c0e31f7e9f551447dd5cf"
access-control-allow-methods
GET, OPTIONS
content-type
image/webp
x-varnish
24366043 21613451
access-control-allow-origin
*
cache-control
public, max-age=120, s-maxage=604802
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_11042023_pzzb9208-33064842.jpg
midias.em.com.br/_midias/jpg/2023/12/09/330x220/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/330x220/1_11042023_pzzb9208-33064842.jpg?20231209103527?20231209103527
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3bea5e6fdad6b61509fdee4cd2a36f3e5cfe314268e61116f24f0ea7ffe86e9e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/330x220/1_11042023_pzzb9208-33064842.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
7CVCP4XK8DKP906Z
age
3
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/330x220/1_11042023_pzzb9208-33064842.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
22574
x-amz-id-2
b5Dd/RDptohs619qU0HijsSJQjPnjvQ6H5aeUwJAZ4KmTQXPZ/dnxiWZ+XssV23z8iY2iqzVgHo=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 13:34:29 GMT
server
AmazonS3
etag
"4a9507b3bcd84a6a0e13d9096be5f104"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
6061739 14404867
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_whatsapp_image_2023_12_09_at_10_29_12-33064827.jpeg
midias.em.com.br/_midias/jpg/2023/12/09/330x220/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/330x220/1_whatsapp_image_2023_12_09_at_10_29_12-33064827.jpeg?20231209103112?20231209103112
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2063c61a28675f84cba5435a2e808552357f97aa32e187e185343ad6c716f3ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/330x220/1_whatsapp_image_2023_12_09_at_10_29_12-33064827.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
SMJN3DP0E9HASBC2
age
76
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/330x220/1_whatsapp_image_2023_12_09_at_10_29_12-33064827.jpeg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
14828
x-amz-id-2
sMYatGHvJ/vJ7XNzdMQ00BrxBrrkKTT3YppjQOG0bLZjr6h/Zza8Wy03bB2SORy+MH9zhr1S6UE=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 13:31:03 GMT
server
AmazonS3
etag
"86c195074f4c86a4b80cf5b1f9880d3d"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
23310032 22847886
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_batida_frontal_entre_carro_e_carreta_deixa_um_morto_na_br_365-33064099.jpg
midias.em.com.br/_midias/jpg/2023/12/09/330x220/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/330x220/1_batida_frontal_entre_carro_e_carreta_deixa_um_morto_na_br_365-33064099.jpg?20231209090620?20231209090620
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1da62fde5c639796f482fceef768f9024d753165047f98962427937831331f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/330x220/1_batida_frontal_entre_carro_e_carreta_deixa_um_morto_na_br_365-33064099.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
E2NXM0GAF6ABXY7Y
age
25
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/330x220/1_batida_frontal_entre_carro_e_carreta_deixa_um_morto_na_br_365-33064099.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
28206
x-amz-id-2
Tu647ogtUW2xn4/79UylJi5BdM1/9J8fUfO16iQt/Nb2bRXm1ZQV4jHrHDGWS8WNZQCclnvA+lc=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 12:04:25 GMT
server
AmazonS3
etag
"9556c5c4f0b93e7093dcacab986c04ae"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
24064651 9953275
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_homens_sao_presos_suspeitos_de_furtar_carnes_do_frigorifico_onde_trabalham-33063372.jpeg
midias.em.com.br/_midias/jpg/2023/12/09/330x220/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/09/330x220/1_homens_sao_presos_suspeitos_de_furtar_carnes_do_frigorifico_onde_trabalham-33063372.jpeg?20231209082120?20231209082120
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f195a923dab718f079d1ba6607322bd395c5e246569f815f7b266db76116fd1d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/09/330x220/1_homens_sao_presos_suspeitos_de_furtar_carnes_do_frigorifico_onde_trabalham-33063372.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
TDB2X29TDZ3WAR1D
age
58
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/09/330x220/1_homens_sao_presos_suspeitos_de_furtar_carnes_do_frigorifico_onde_trabalham-33063372.jpeg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
30400
x-amz-id-2
+DOWQGjMy6ckl9+7HycY0QQ8ypDWAP+Lext1shGZT3FFJPlmLWPR+TEh6oWROb5B9xBmkXIIA8g=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 11:17:55 GMT
server
AmazonS3
etag
"df0fc49cd176ab1b74d593ef6b2283af"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
14395583 21606914
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
sobrecoxa-2.jpg
www.em.com.br/_midias/parceirosHardnews/20231209/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/parceirosHardnews/20231209/sobrecoxa-2.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4a218191162776239931595fca9726278c948bb42e3fb69115174eb6cffde10
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/parceirosHardnews/20231209/sobrecoxa-2.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
4RX32JKD2FGPNMKH
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/parceirosHardnews/20231209/sobrecoxa-2.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
15576
x-amz-id-2
ESc5Rr1YIzfZfcp4qxbRORe1lk0KrYO5GCR/J0cXfI6Yl4yHRjukQ5UnEkWpI9ORYYVNYtr91J0=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 11:10:24 GMT
server
AmazonS3
etag
"51e2a41bcada0101f41d4e33e26c02eb"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
24352995
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
provedores.jpg
www.em.com.br/_midias/parceirosHardnews/20231209/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/parceirosHardnews/20231209/provedores.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47bb0f37080ccfc30c693d34e475116572dd38e358f03708fd12d31486c3b1a6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/parceirosHardnews/20231209/provedores.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
13KVBX5EYMYPF1XE
age
17
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/parceirosHardnews/20231209/provedores.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
8875
x-amz-id-2
bG/Sw4jF4F+iunvarH0mMk1KBgQxMJTKvY8vsbmg6SQDzPVkvq25V0y2WVI3z39h8dIdgfe7udE=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 06:24:15 GMT
server
AmazonS3
etag
"72d51ba20cc9f26a346ad0b8ceb428a4"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
5699037 21991012
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
estado-de-minas.js
embed.dugout.com/v3.1/ 		585 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.dugout.com/v3.1/estado-de-minas.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0fc2dd0c486b1d6340f3f05fd679c26037ed5b2f92ff939de331b2c0626fdd5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
gzip
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA53-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-amz-cf-id
RykcDnIcFb9y8Hm1DgqRq9wldTOP7L-JvDT4mAbCC90VUCgtOt7KUQ==
Brasil-oficializa-candidatura-como-sede-da-Copa-do-Mundo-feminina.jpeg
www.em.com.br/_midias/noataque/20231209/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/noataque/20231209/Brasil-oficializa-candidatura-como-sede-da-Copa-do-Mundo-feminina.jpeg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2a65cae050542e3585a6f0d8b78f2df68d6f0a6424e94466f585f846ed9fee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/noataque/20231209/Brasil-oficializa-candidatura-como-sede-da-Copa-do-Mundo-feminina.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYX0T8MNG1HEK50
age
118
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/noataque/20231209/Brasil-oficializa-candidatura-como-sede-da-Copa-do-Mundo-feminina.jpeg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
13002
x-amz-id-2
sSa7GP+N3b9LvpPxjK8FdVcf4LSnWcjpkXF7FAASo3ow1jPp5BgwP7ccEbjQ+lE42pGeIGcxbUs=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:46:30 GMT
server
AmazonS3
etag
"106de12009271b602db810fe6d5a0aa6"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
16081725 17961986
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Comissao-tecnica-do-Palmeiras-2.jpg
www.em.com.br/_midias/noataque/20231209/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/noataque/20231209/Comissao-tecnica-do-Palmeiras-2.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9945b11548b197af8d011926f6758b2278e9f8032bcb99d7588b6f2f1be90dc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/noataque/20231209/Comissao-tecnica-do-Palmeiras-2.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
8XHV7FBV80STW4TA
age
74
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/noataque/20231209/Comissao-tecnica-do-Palmeiras-2.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
19046
x-amz-id-2
ZX/k8XndiQP0Bjigjy/f73v+pJyELdrpL6511oRHDJcgmqW0XJHvR8bRdDriXElAMgYL2D9M+hk=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:58:37 GMT
server
AmazonS3
etag
"0e056afa548c91f987291e499f54de18"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
21617499 21461149
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Filipe-Luis.jpeg
www.em.com.br/_midias/noataque/20231209/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/noataque/20231209/Filipe-Luis.jpeg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eebb258ecb3b636fb3771b4b9159a469216b59722582286ba68d1fe948e7e509
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/noataque/20231209/Filipe-Luis.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
NW0JYVCW5YMQWYFP
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/noataque/20231209/Filipe-Luis.jpeg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
13276
x-amz-id-2
18Tn3tGPrqaRjo9e/D8XXst0ZPCNFJI2qXY/KCZNMbYtsHxlmAydQrH4G5PrW404Uo/jlLutSpM=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:09:24 GMT
server
AmazonS3
etag
"6cb7137a9c19b9adf083a8fc38542204"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
15399202
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
alexandra-kalil-.jpeg
www.em.com.br/_midias/aqui/20231209/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/aqui/20231209/alexandra-kalil-.jpeg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77d8a017f6033626102fdf13de83dfd8e009fa84f0360d9de0f6b234e30daffb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/aqui/20231209/alexandra-kalil-.jpeg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
MPJMYAN8ZYS3NAFQ
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/aqui/20231209/alexandra-kalil-.jpeg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
11920
x-amz-id-2
zOjIYwLeu2zHOFxRgeTvi9G3il1h9rlV4PhgDt54zlmMWc/cm7kHWjqJb/S+sygLwX5M+9HC8hM=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 06:01:20 GMT
server
AmazonS3
etag
"10d75296950d5525c1642419f2d0b463"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
8244110
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
20231209110504671371o.jpg
www.em.com.br/_midias/entretenimento/20231209/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/entretenimento/20231209/20231209110504671371o.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23381a3edca7326a05ff5f071715a458bb8ac4cbad410e0941f90c5b8ad49f8c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/entretenimento/20231209/20231209110504671371o.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
NW0S3BN9CQJ5MQRM
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/entretenimento/20231209/20231209110504671371o.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
13163
x-amz-id-2
PZohpHvN4D/rVVAW8yspbcDsAl9kAidAl3CehCCArzBnlvnUGTeiF02ww4MQ5mojrKJs3AWgY8c=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 14:09:24 GMT
server
AmazonS3
etag
"d8afd1d07bbcb71cd64424b6b8c415ee"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
14406635
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
20231209121833186366o.jpg
www.em.com.br/_midias/entretenimento/20231209/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.em.com.br/_midias/entretenimento/20231209/20231209121833186366o.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10185b10013820e508ccca945aa7ce08e45865e0eeac8e3c4a2b78b99ec311a9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/entretenimento/20231209/20231209121833186366o.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
YZYM5HE070QADAHY
age
118
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/entretenimento/20231209/20231209121833186366o.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
5182
x-amz-id-2
62i5q4WXgBt5varbAdPaBbOxThuoxWHrYNOt94pZ9AgD2upmhP9v3RR3O+DmxTdZxAScDNaqxro=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 15:40:00 GMT
server
AmazonS3
etag
"324420027abe778c5756e5f7c8778e93"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
25761943 14330811
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wear4charge0612-32947590.jpg
midias.em.com.br/_midias/jpg/2023/12/05/545x380/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/05/545x380/1_wear4charge0612-32947590.jpg?20231205214323?20231205214323
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e778882a2500333f88f3ff359e2f884564ab96041642e718c530e31772d83bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/05/545x380/1_wear4charge0612-32947590.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y7C7S9WRF2PT0R3Q
age
48
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/05/545x380/1_wear4charge0612-32947590.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
40164
x-amz-id-2
M6Z0ZvUC3S3/sL+f3sPWypNgo2A4RHJ8yHKgKsXjMb/9QLh0OU7joycc09AMvoBLggnjbPuWkXI=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 06 Dec 2023 00:43:30 GMT
server
AmazonS3
etag
"761b11bde5e74f8d402ec5e408331eba"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
9745547 9347318
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wear3chargeacessibilidade-32906098.jpg
midias.em.com.br/_midias/jpg/2023/12/04/545x380/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/04/545x380/1_wear3chargeacessibilidade-32906098.jpg?20231204223351?20231204223351
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf7e0329f4a0a3e793fe28c057124500be62b4f108c3a16ac0b414187ee9c5b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/04/545x380/1_wear3chargeacessibilidade-32906098.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
CFZVBFBW5H3THZWA
age
15
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/04/545x380/1_wear3chargeacessibilidade-32906098.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
38737
x-amz-id-2
REvhYAN7OaiHFK1BY0ks6NZOqi6+ZQGB2sHbcqzsuz2+FbroDrEe0Jg0ec/68iL04ryEOcAN8bk=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Tue, 05 Dec 2023 01:33:44 GMT
server
AmazonS3
etag
"53619eef369d6eee041d16364786a080"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
28152628 26383743
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wear6chargeia-32300970.jpg
midias.em.com.br/_midias/jpg/2023/11/16/545x380/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/16/545x380/1_wear6chargeia-32300970.jpg?20231116211631?20231116211631
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccf0c4e5bad2cd6f6c98b60ebb23d7a0ae0556c6703376579c0f3801dc7d6b5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/16/545x380/1_wear6chargeia-32300970.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
BPESYSVCX8AWJ1AB
age
11
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/16/545x380/1_wear6chargeia-32300970.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
30193
x-amz-id-2
R4aNL4+tFoyu26CtBh1rUlNoTByQBjqVL4JtEDS1KwWPjzNg8CKKhqRqvsfBRWGcPLTFfRbSMlc=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 17 Nov 2023 00:15:34 GMT
server
AmazonS3
etag
"e12cbb6e00ef13c5862c8def8272dd40"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
3881023 382687
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wear7chargeguerra1-32121323.jpg
midias.em.com.br/_midias/jpg/2023/11/10/545x380/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/10/545x380/1_wear7chargeguerra1-32121323.jpg?20231110221002?20231110221002
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75d9c00f76b574a2b7a591ae5ee6969d9e23b9aa7c527e1a648e2e6c0da5ca40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/10/545x380/1_wear7chargeguerra1-32121323.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
W2Y19RP9ZSBRE820
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/10/545x380/1_wear7chargeguerra1-32121323.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
36096
x-amz-id-2
9bhnjbp5YWTuZN1fIY2wmGsmCpQgYysOUyvEMnUu+IkgRdM7pP2yzLWfNIXG3hiFBxfH9/ZPGcg=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 11 Nov 2023 01:09:30 GMT
server
AmazonS3
etag
"eeb4104c6b4da4adcbde8cf8ecc939f1"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
10724445
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
charge_1_55499.jpg
midias.em.com.br/app/noticia_127983242361/2023/10/24/1581052/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/app/noticia_127983242361/2023/10/24/1581052/charge_1_55499.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
272b7dc595eec42b41ed916b759ac267e759820b4f9112901d3ce4d1cb3be984
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
via
1.1 varnish-v4
x-debug
midias
x-url-without-qs
/app/noticia_127983242361/2023/10/24/1581052/charge_1_55499.jpg
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
FB401S9E9MRH05KA
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/em/app/noticia_127983242361/2023/10/24/1581052/charge_1_55499.jpg
x-ua-device
mobile
x-host
bhfotos1.s3-website.us-east-2.amazonaws.com
content-length
55499
x-amz-id-2
JO6Mfn1h9Bpo9uEg/NA/oBz37ZAgdWqV6pzJuAJWsQvnes5jzGLmDAfCC4DylVK2pRddri5WG58=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Tue, 24 Oct 2023 01:33:44 GMT
server
AmazonS3
etag
"54bd4d99976a1ac2f67a24d9b90cbff0"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
22610029
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
actionsHeader.js
www.em.com.br/static/js/ 		351 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/static/js/actionsHeader.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9edb39411fafc977bb830ee89662ae5c539a94f3d296817e6eebec977496dd06
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/static/js/actionsHeader.js
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
857J4QK4W9MJKP0E
age
10
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/static/js/actionsHeader.js
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
nhIwFSdwYoFzF2fXmOzl7s3ehBnCspOx8sPOSz2h0UMzAxmXgu63KhrbPP80emTuqlbbpWN1flI=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Thu, 02 Nov 2023 17:24:57 GMT
server
AmazonS3
etag
W/"bb9dd1943cb775d9fbb3b2bf52fb8fc9"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
x-varnish
7438928 2492354
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
capa.js
www.em.com.br/static/js/ 		917 KB
266 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/static/js/capa.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80bd0e84cf3e48d489514a948e88b09bcaa1a7208407566ec9c0c200adf01e46
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/static/js/capa.js
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
JNZGF9QF93PRKXS8
age
52
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/static/js/capa.js
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
0AndR989IINHuhDBVlRR0AwzjG9GoI+QvIiNK+rsyEF28TsXZoU7hakNrYMDAWxzDwW5ysqt7QY=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Thu, 02 Nov 2023 17:24:57 GMT
server
AmazonS3
etag
W/"ab0aba7c0b0d82727e5a5c343e74d34b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
x-varnish
3411012 2230640
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
swg.js
www.em.com.br/static/js/ 		401 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/static/js/swg.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6b8e0e0d438ecc28c4bb0bb3dbdf9b9762252c85d774843758f9d83e0244ec3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:14:59 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/static/js/swg.js
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
P9HRHQVK0Y9J98B8
age
314
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/static/js/swg.js
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
l16uSRkKeOxi67jBMgalmePM3bxarOVsjGv5ykG14LxWQgfEuFpoJESzEgbGmNRTnAkYMJI6VQI=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 01 Nov 2023 17:20:40 GMT
server
AmazonS3
etag
W/"950dcebf0460fbbf38c71f4b3ae560bb"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
x-varnish
590203 884739
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
loader.js
cdn.taboola.com/libtrc/diariosassociados-em/ 		919 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08a5d25b26184651be9a44bc444434e943ac1d9acd67e17bc9e6f0ef31d1f33a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
CAKob1ZYGBRMxe47AMqCwg7VfFT_LfZl
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-request-id
M17JV785T8V9BJNA
age
7862
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
66824
x-amz-id-2
VqLsKdfa6/jwTQ7NO/c2g5Z4Yk+xQQivyNAPfK6HLc0QmhY42t6TQRFzvQmawygiQZcEIuAJ5hI=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sat, 09 Dec 2023 20:01:54 GMT
server
AmazonS3
x-timer
S1702160100.144328,VS0,VE1
etag
"7d7a5bfe9b1fd131da50f60235354ae5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
gtm.js
www.googletagmanager.com/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fa7a4a7640888a83f0bb2f74c2007f440adaa1786bcc7a2d76dba05d13ccdba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85235
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 22:15:00 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
876f64800eddd600e46bf7b49c432bd929db8a738552559b2ea96e46ede87181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 22:15:00 GMT
content-md5
GLmmvN+7J+9Hm6kE/jLCPQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
+GIwWLdNEziC4zaClmmQhiq+KA3OJA82CUb8sxqIiO8FyRG215c1T0uE4DXTKR295nv9YaSOT4wknbLCF9WhWw==
x-fb-content-md5
6bc812c7df94f53cf9196501daa138ad
cross-origin-opener-policy
same-origin-allow-popups
etag
"d5e1e910efb20cd45703cab0aeb3cf11"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Dec 2023 22:32:48 GMT
roboto-regular.woff2
css.em.com.br/em/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/fonts/roboto-regular.woff2
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
a0516d91dead3fa38bef64683d087460753209e723db56ce3ee1fcb1dbd84162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 May 2017 18:17:48 GMT
server
nginx
etag
W/"55e5bdf4-4d20-550715ac5eb00"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sat, 16 Dec 2023 22:15:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:48:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
5163
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 20:48:56 GMT
sdk.js
connect.facebook.net/pt_BR/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=c5fa12e0f7485f9fcffd705de3f68a53
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e93f8475c215cc2ac3f301287a86f8861ab3b0488ea635fadc3eb559699f28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 22:15:00 GMT
content-md5
UJO+iGsFbzGvYhFxshX3Ww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86917
reporting-endpoints
x-fb-debug
DA2iLpmL2DBqba6KqeRoN6csY48DyFGp8KCC4LLxyTQwK5w2PEMLwZVhjCDnbAzKrfdi5W0SqQyYpoasUmHjkg==
x-fb-content-md5
b04ca744672fcc1207f1a08404334ce5
cross-origin-opener-policy
same-origin-allow-popups
etag
"f2f711f95fcf36c53711372884c22438"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 22:12:48 GMT
b98d1f1e-45a7-4109-8231-388e4bf117c0.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/b98d1f1e-45a7-4109-8231-388e4bf117c0.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/pushnews-launcher.js?appId=b98d1f1e-45a7-4109-8231-388e4bf117c0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9524d2ae6e61c459599fa14533a3ec11f76e5f3360dd56bc1095b945e7bfb70f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
via
1.1 2f1f2b9dead1700acb398fe109f37844.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR5-P5
age
6174
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 20 Nov 2023 18:35:09 GMT
server
cloudflare
etag
W/"658b927186496ba6c65c83aeb0f08d47"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFRmk9uiiYf0t91Zbpzn4jgjgMM%2FzsjGFiLt2Waa1LgnYCkVxBJEhEIbtb3PTiPenHQgjPf4Lq5k1cfAkNiAP1ZbMCfyKzmyaGsIsuOVZYdnWLZTH4Thq5PlaoRuo5qFLn6vE98z6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83309ab18fd79158-FRA
x-amz-cf-id
YnLfFbdKHUg34s40ibrhNxk5jnx-mlBQMGpz0SOOA7HJGaBhNWhOQA==
89454
tag.navdmp.com/u/ 		507 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/89454
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05a4a88f417264926d8c52323a80416fed1bd8162185a490021b10a5318b4971

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 17 Aug 2023 12:40:42 GMT
server
cloudflare
etag
W/"64de154a-1fb"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83309ab19c6e9034-FRA
expires
Sat, 09 Dec 2023 23:15:00 GMT
e896768a-4818-43b9-8848-9bdc9a567fdb
config.aps.amazon-adsystem.com/configs/ 		537 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/e896768a-4818-43b9-8848-9bdc9a567fdb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
0c40cb69307b8caa0699456190ccf595475b5ddfeb1ad5a6dbb07b4fc72777a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:46:39 GMT
via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1701
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
6E_RAJLoVG0IMseC_H9YgCjMxm5IAYR7wus2LsYXuxaIAwniMEngLQ==
config
c.amazon-adsystem.com/cdn/prod/ 		647 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=http%3A%2F%2Fwww.em.com.br&pubid=e896768a-4818-43b9-8848-9bdc9a567fdb
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6a168c5162134320b24bd4d33dcc17aca8607090021f791cffc523d6463e19fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 17:41:54 GMT
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
16385
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
http://www.em.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
647
x-amz-cf-id
20jZR_BCDU8vLozrD0oIeSF1dK3Hv89VW4IdfK41w_w1RvXk-S859w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 05:14:50 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
61210
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TH7roRm5XewTi-JcO9XLO4kMAqnA1BlKtQAqfjZB2cVy8phs7I1JhA==
sprite.48.svg
imgs.em.com.br/em/ 		297 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/sprite.48.svg
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
4cf753c1ce23c690959ba1b59e6527be184cd38e332499514daea51b4292d0d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 26 Sep 2022 18:39:26 GMT
server
nginx
etag
W/"726dc57-4a3c4-5e998d8e6efe6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sat, 16 Dec 2023 22:15:00 GMT
sprite.46.svg
imgs.em.com.br/em/ 		204 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/sprite.46.svg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
95d9e987f13cab8761ab808e0535802234afee17ae943deab91994e67ab6c3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 16:27:41 GMT
server
nginx
etag
W/"b7246da-32ff1-5d112a3339324"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sat, 16 Dec 2023 22:15:00 GMT
pattern.png
imgs.em.com.br/em/ 		110 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgs.em.com.br/em/pattern.png
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
12e5c96d95cc1c88a0c18625024b221fa7f7ad7e4069740f3217b87a79a44b31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 15 Sep 2017 18:26:29 GMT
server
nginx
etag
"174e4065-6e-5593e880dbf40"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
110
expires
Mon, 08 Jan 2024 22:15:00 GMT
merriweather.woff2
css.em.com.br/em/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.em.com.br/em/fonts/merriweather.woff2
Requested by
Host: www.em.com.br
URL: https://www.em.com.br/static/css/capa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
53be0578f87f1f73d305110acb20730521d0056775c76d688a5008c7781c7180
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 26 May 2017 18:17:48 GMT
server
nginx
etag
W/"55e5bdf2-5b98-550715ac5eb00"
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
expires
Sat, 16 Dec 2023 22:15:00 GMT
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-27-14.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 07:16:46 GMT
x-amz-version-id
OU1YUP7a9LDvt3kqgXcmD3JxbGQ0Oc42
content-encoding
gzip
via
1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
53895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Fri, 21 Jul 2023 16:46:52 GMT
server
AmazonS3
etag
W/"506b77334f6f1b5820e62dd0b41d4b37"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
IJvKXdeiwX9aHCv8a7pFHUhGxXpVTcvCqcIr8gTD3LcTmfAc5-eqcA==
ads
securepubads.g.doubleclick.net/gampad/ 		239 KB
59 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2205472116647278&correlator=3321216246513182&eid=44777897%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=3472979026~4171492952~2508136072~35042332~2631747159~2109236466~2109236465~2109236464&sfv=1-0-40&ists=255&fas=0%2C0%2C0%2C0%2C8%2C0%2C0%2C0&eri=1&sc=0&cookie_enabled=1&abxe=1&dt=1702160100231&lmt=1702137450&adxs=0%2C0%2C0%2C0%2C-9%2C0%2C0%2C0&adys=0%2C0%2C0%2C0%2C-9%2C0%2C0%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C-1%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x3234%7C1600x3234%7C1600x3234%7C1600x3234%7C0x-1%7C1600x3234%7C1600x3234%7C1600x3234&msz=0x0%7C0x0%7C0x0%7C0x0%7C0x-1%7C0x0%7C0x0%7C0x0&fws=0%2C0%2C0%2C0%2C2%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1616538923.1702160100&ga_sid=1702160100&ga_hid=1556597112&ga_fc=false&dlt=1702160099794&idt=368&prev_scp=formato%3Ddhtml-1x1%26pos%3D2%7Cformato%3Din-image-1x1%26pos%3D3%7Cidentificador%3Dpublicidade-slider-1x1%26formato%3Dslider-1x1%26pos%3D4%7Cidentificador%3Dpublicidade-slider-1x1-extra%26formato%3Dslider-1x1-extra%26pos%3D5%7C%7Cidentificador%3Dem-publicidade-patrocinio-1%26formato%3Dpatrocinio-1x1%7Cidentificador%3Dem-publicidade-patrocinio-2%26formato%3Dpatrocinio-1x1%7Cidentificador%3Dem-publicidade-patrocinio-3%26formato%3Dpatrocinio-1x1&cust_params=unified_id%3Da88124de-f5a1-4359-aee5-28315b74119d%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttp%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%2520-%26tagsofpage%3D%26reload%3D0&adks=937864173%2C719578880%2C358948280%2C2774688984%2C3975483387%2C354791774%2C354791775%2C354791768&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ec11d6f4b5719c46aaf605565d7277e94f19868af76da4a2eccb26c53c68428
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60414
x-xss-protection
0
google-lineitem-id
6107032441,6414384420,-2,-2,-1,6416173569,6423128607,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138403973226,138454737156,-2,-2,-1,138455913469,138457600084,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 50AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:00 GMT
expires
Sun, 08 Dec 2024 22:15:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 13:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
29932
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13834
x-xss-protection
0
server
cafe
etag
17155732702192029938
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 08 Dec 2024 13:56:08 GMT
ilabspush.min.js
cdn.pn.vg/push/ 		231 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/b98d1f1e-45a7-4109-8231-388e4bf117c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b27ea1a597eeb9af27c5e1594041e8338fc6bf9004080ac6d74ec354f94a1d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
via
1.1 dd9d266e3b8d8f3acf05baa4f4949342.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR5-P5
age
3084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 07 Dec 2023 15:50:00 GMT
server
cloudflare
etag
W/"182fca27d735cd93c2d2c43afeb41bef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoL7ejb5Mr6Jutf5dw4wBxFMvzVJPSqYdbD3QsN93EA3GKGzlVeSR9D61S5EZKnFzYajt8fCqQSYelavva24udZIkkWnMKBIo%2FMqbGd8inNXokLpVCn1hiw%2Bv5Q6WI4VzVpjgCvY3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
83309ab3ca049158-FRA
x-amz-cf-id
ZF8Xs28ch9yBnpaxWytsA2WPbxIQhd4EQKrme20oM16YdryARi_9uQ==
load.js
pm-widget.taboola.com/diariosassociados-em/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/diariosassociados-em/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9778e94d326ed6da8b069c5870e679fd878464e3060a70ab70207d84471ca92

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
OcN73Q2VE8Tet9LjtUKXqXBBl6WAdk6a
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-request-id
KEY0ER3B4R2SDCXW
age
187
x-cache
HIT
content-length
1190
x-amz-id-2
qh9fP3ioZX1TPOMlrkWJrEvg6McrQzmfqu6RN8nKZ2e5bhOwdfFFfbX1UMz3BwcuwFn+VE32m6Q=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Fri, 29 Sep 2023 08:44:17 GMT
server
AmazonS3
x-timer
S1702160101.538118,VS0,VE3
etag
"41d72421577164459bef8268c3a8e62f"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
impl.20231207-12-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
ddff624349b5a6a215933510cc0351bd1caecb36ffbc09de71ae04e60a6bcc0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
Mhb0FGAcBXo50kmRZY65RdfvNFTxz7i6
content-encoding
br
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-request-id
M0RH4PRHWQ4W06JV
age
3476
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173829
x-amz-id-2
QWQr+8BoT2NBqlzk85TzmkkELUP4ltMwWP3GRFAqAtGUDWdR2pqd+aSouwIN4FSdCAQOtFQdf4Q=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 07 Dec 2023 13:09:17 GMT
server
AmazonS3-br
x-timer
S1702160101.537338,VS0,VE0
etag
"9356e9f99a129d14bc990a23e0a86d44"
vary
Accept-Encoding
content-type
application/javascript
abp
88
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2370
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		126 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/44d19ce5-a5ad-423d-866b-33f5250330fb/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-70.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1548aabd8c69698cd8f0247200a23f032283ebe6598bbc1cf166738ca8fcf332

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
rdrhieZQC2WprZTCGMCd_who_ZPxalVg
content-encoding
gzip
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 21:46:07 GMT
last-modified
Thu, 07 Dec 2023 13:00:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1734
x-amz-server-side-encryption
AES256
etag
W/"c1b3b71914ce20f869f6824fcd85078d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
ty9Oa08ieJPBJ3abrDZ5yaq7tF5Qz514l7hculTgzCMpK2TtJKMoUA==
usr
usr.navdmp.com/ 		359 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=89454&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03ff69f9784b7bbbd136ef5c44b95032aefb5bc976d01896876a020219a72be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
public
date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
83309ab48ec69034-FRA
expires
Sat, 09 Dec 2023 23:15:00 GMT
js
www.googletagmanager.com/gtag/ 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f6010a78b9c16880b83cfa2a9b99e242d8bce1f179c0a516e946394bdacce0b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 22:15:00 GMT
centralizador.html
barra.uai.com.br/ Frame F329 		739 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://barra.uai.com.br/centralizador.html?origem=http://www.em.com.br/
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
nginx /
Resource Hash
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=2592000, s-maxage=1296000, proxy-revalidate, stale-while-revalidate=19
content-encoding
gzip
content-type
text/html
date
Sat, 09 Dec 2023 22:15:00 GMT
etag
W/"58a88be0-2e3-54fe3383940c0"
last-modified
Fri, 19 May 2017 16:43:23 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
t3m.js
tags.t.tailtarget.com/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10258-0/CT-142
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
729ef5dba5dd3dfa5fb679668748d75561ac5f610d818a6ba8f057e8040112b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:54:57 GMT
content-encoding
gzip
via
1.1 google
age
4803
x-guploader-uploadid
ABPtcPruiy--U0s3xDyMjQlHsWkh3ewreUX_NNAKw_rogKkVG8NYAr_6kShzfZ8KH2z0fEFyy3E
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6274
last-modified
Fri, 25 Oct 2019 19:37:34 GMT
server
nginx/1.8.1
etag
"664b1613d7439b3addaf3096d741aa27"
vary
Accept-Encoding
x-goog-generation
1572032254559073
x-goog-hash
crc32c=PgMIjQ==, md5=ZksWE9dDmzrdrzCW10GqJw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6274
accept-ranges
bytes
expires
Sat, 09 Dec 2023 22:54:57 GMT
pushnews-sw.js
www.em.com.br/ 		95 B
916 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/pushnews-sw.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/pushnews-sw.js
x-debug
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
12VDF5R0XCY9926N
age
37
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/pushnews-sw.js
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
xEZVbuc1f+VL3PQJIj5QO+mcpDP+bMwBaE+YUFCUVDOiJxjyc4MAh4B0gIVDAGMgYeoDVZzIOKw=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Tue, 07 Nov 2023 21:14:32 GMT
server
AmazonS3
etag
W/"da42f00ab5402a7b6ed4c9cfb3167fe1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
x-varnish
65724 753673
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
map.js
js.adscale.de/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/map.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:3e00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8b99561873fcbdc0f632128e188469c973ed41b26147cd56fbd05dd8c70e172

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
sUZKPT.1y7trBGovGpoCvsSiih60zzLP
content-encoding
br
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff0.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 21:48:16 GMT
last-modified
Fri, 08 Dec 2023 10:14:37 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
1604
x-amz-server-side-encryption
AES256
etag
W/"bb2519f07c2b375b30fd87c577394952"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=7200, stale-while-revalidate=86400
x-amz-cf-id
xpJO7LB1nb1Kvxnh3jCvYsoZLZtzzp7KocMLybx-WnIRWk9ZElm-qg==
ssusersync
tv.springserve.com/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tv.springserve.com/ssusersync
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.143.69 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-143-69.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
01ba44a168b74a3018d7347678897dece52b933e9625bc6421badc8cbfaa075e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:00 GMT
access-control-allow-credentials
true
server
nginx
content-length
6923
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
google-play.png
embed.dugout.com/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.dugout.com/images/google-play.png
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b78a61b96c6dedea1627a6730922db1c911ce35722f032d4a7086891de33663

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 09 Dec 2023 22:15:00 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 08:46:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
8
etag
"1c7ec440b1319aad2208f25cd63f34df"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
15218
x-amz-cf-id
wDCY1mQK2yDKSRA9VTPNsSN4YZrjD34dnPJjukAgg0D2gMTkgLCFzw==
app-store.svg
embed.dugout.com/images/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.dugout.com/images/app-store.svg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
706b208b8b90fc2ffd31212c127547653dee75f0ef0c8acfd29e4d4fb8d850f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
date
Sat, 09 Dec 2023 22:15:00 GMT
last-modified
Thu, 13 Apr 2023 10:52:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3
etag
W/"9bb57a647636c49c28a8398e2ba11477"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
m9uOFj4Zkri8frCVDKnT-tlOEako3p09PApS6-Mz7OntSA1HVG46QQ==
pmk-20220605.10.js
pm-widget.taboola.com/diariosassociados-em/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/diariosassociados-em/pmk-20220605.10.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/diariosassociados-em/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08b06650757c02226215d9b21c075c230babd6b3f1c8dc92b21e4a1e8e3de10c

Request headers

Referer
http://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
fmC1Vd5DIMVka4Itde7xswWN8zJYgsL1
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-request-id
XRRX7RAZR0YDQA1V
age
2241427
x-cache
HIT
content-length
22191
x-amz-id-2
J7VTNVIfzlZhJztDM/R0A4oPYZBAbyIcwW3oTLj4G8OukpbEVdLHveCNWCbDHX3dRpghdqLNxJQ=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Fri, 29 Sep 2023 08:44:16 GMT
server
AmazonS3
x-timer
S1702160101.753094,VS0,VE2
etag
"6c99ac0206a1dda17472dde8929ceced"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1
undefined
scoring.deep.bi/score/4Dme4NTJxoPw/ 		0
0
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2588fd4572f8538aa86dc073a6cc587452c4a658dcbf38dde6511eada4ebfec8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
newsroom.js
c2.taboola.com/nr/diariosassociados-em/ 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/diariosassociados-em/newsroom.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf3b6fe29869190115eb9993292db2febc2e35b4612c2a89d6457d94da0c875b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-request-id
624MB1YSW1KEPK05
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
18126
x-amz-id-2
FsqkJBUil/igRFaK2pUh44Sq+fncwhzq9ZXFgzlFecbnJYO1w079CBHJcaof3HSlL3WuSHKlDIg=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 03 Aug 2023 20:34:47 GMT
server
AmazonS3
x-timer
S1702160101.774215,VS0,VE194
etag
"415a833f3a5f6f56242277949aff867f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
1
1_ana_mendonca-31039582.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_ana_mendonca-31039582.jpg?20231102124805?20231102124805
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f507371c5a6b31b8b2af500d91c23f21bdd4e11cd221613b69f5d259f3faaa3a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_ana_mendonca-31039582.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
Y6XCKZRDF1H1DVRF
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_ana_mendonca-31039582.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
6377
x-amz-id-2
6mIqnrVXBz0RSVvG2f0BSc9B4q4RrtFEaGSUbUhHVcNK1Dj/XDddsEK1RwteU5cGFuNLAamFxVU=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Thu, 02 Nov 2023 15:49:30 GMT
server
AmazonS3
etag
"faadcfab839fdf9ffd37a0682814103c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
14804950
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_tiago_baumfeld-31024938.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_tiago_baumfeld-31024938.jpg?20231102124853?20231102124853
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53b8b2f7cae39fa656971d0641b925ec36c12bb3a61d37970b85d9e7a1b5b16c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_tiago_baumfeld-31024938.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
ND0MG1793K6TKESY
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_tiago_baumfeld-31024938.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
3890
x-amz-id-2
UcqWySW7YM61QHyMlx0cq61EDuNBfeyQ3h1bc0iaPGAUMlSGMNzow/HM+F5e2wXBROYEaT6K64U=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Thu, 02 Nov 2023 15:49:30 GMT
server
AmazonS3
etag
"c8b137c0994e53f96b62d9d4bd09bc1c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
12322807
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_helvecio_carlos-31596533.jpg
midias.em.com.br/_midias/jpg/2023/11/03/120x120/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/03/120x120/1_colunista_helvecio_carlos-31596533.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd969993c116a6d755c7817f30ae43e7c9750ddab9f0457fb707f5fa1881fb93
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/03/120x120/1_colunista_helvecio_carlos-31596533.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
A24VKDTT8E8S8B10
age
269
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/03/120x120/1_colunista_helvecio_carlos-31596533.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4682
x-amz-id-2
FWRLUJGirMY0pENw9idMn3ot2oNp+uUMhKg56PHhZTKURmnWyjHleKRT0BF1/rAoczD3E5YMevw=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 13:04:55 GMT
server
AmazonS3
etag
"4588416de6fc53b496c461eb8fff99bb"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
3715812 212909
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
efi09122023-33062434.jpg
midias.em.com.br/_midias/jpg/2023/12/08/ 		344 KB
345 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/08/efi09122023-33062434.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e4b624d21802f6f378ac0368fbc82aaebf4eed046ceb62c52527a7de9fedf60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/08/efi09122023-33062434.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
T2HESV1TBC7K1V1F
age
82
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/08/efi09122023-33062434.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
352123
x-amz-id-2
GOpOo0TlzDaSSKQ17Y7cCMiSHEE4J7At0baKY+ZH3qSDDvxNahIn15JtNhHln1At7ckZm4to0/E=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Sat, 09 Dec 2023 02:36:54 GMT
server
AmazonS3
etag
"2a85c7f236e3a11923ca7e01632d9de1"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
11780123 14066813
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_anna_marina-31021741.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_anna_marina-31021741.jpg?20231103093437?20231103093437
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9758bec686933aebdcc3a08fba29448de47c5faae5b8bd07b4840217e62d00fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_anna_marina-31021741.jpg
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
FFE7FCFNXVK0WTGC
age
27
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_anna_marina-31021741.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
5408
x-amz-id-2
z6NBB1HxmDQsnKsCxxZfCdkVnOlroliXuV+aubGsWwP02PtI6gcimz3r3ud4stZMFOs8SHy4WeA=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 12:34:39 GMT
server
AmazonS3
etag
"f297b7576fc7b8bdccf4b70cc4ffd0e3"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
14355756 22021704
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wmc7anna-33060356.jpg
midias.em.com.br/_midias/jpg/2023/12/08/330x220/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/08/330x220/1_wmc7anna-33060356.jpg?20231208194952?20231208194952
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
febd6d5e2dd9d20877725e3f60711f107e2e2a712baaa4a1f61df9686e2f273c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/08/330x220/1_wmc7anna-33060356.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
C6MWBWTXF9WCFKQY
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/08/330x220/1_wmc7anna-33060356.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
31897
x-amz-id-2
jUiRc9DHdl8R/DTs2NKc88tOBPLfu1S7CPDe4jDhgNsdJYba/jk1/N7jk6NUzPX6FKg+1GNB6u8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 08 Dec 2023 22:49:35 GMT
server
AmazonS3
etag
"0e9c555a27833b5ab2c634233db662b9"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
16954018
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_jaeci_carvalho-31024280.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_jaeci_carvalho-31024280.jpg?20231103092544?20231103092544
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4dec00ffc67e9f03c4cab417e8d1f27eeba6d79aec2d4edb2e3f93bc02c8be40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_jaeci_carvalho-31024280.jpg
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
C7K7D1AFQHWA2JZ4
age
31
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_jaeci_carvalho-31024280.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4655
x-amz-id-2
1FdydfhbCotcSwZ3fc9BCY8bjp8JoCpNgRGIXCsgfar6IJ/nP+MByp+Xc8aHE5HKvHpdNhKV+o8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 12:26:05 GMT
server
AmazonS3
etag
"34490e5df6cfc6560d4bea1db5cc1a43"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
16747172 13635743
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wes75127-33053773.jpg
midias.em.com.br/_midias/jpg/2023/12/08/330x220/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/08/330x220/1_wes75127-33053773.jpg?20231208183419?20231208183419
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c95a8c5004cfe5e0e400118ad0601c509d6d94fdb877a4af345603ac5c47be4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/08/330x220/1_wes75127-33053773.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
VJDPF08PZ5RYRHXV
age
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/08/330x220/1_wes75127-33053773.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
15393
x-amz-id-2
TYIY+aszbEVffk8cP83VJ5OOiIknhdJ5sxICCTWHC7fQhTkxvFJe/6WO6iXLVy8vhpUoLKzyIbw=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 08 Dec 2023 21:29:19 GMT
server
AmazonS3
etag
"5c0326cac38251d4799dc83ca9193adc"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
16954043
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
MISS
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_fred_melo_paiva-31024171.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_fred_melo_paiva-31024171.jpg?20231103130205?20231103130205
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef0959367ff11c84af542c4f7b75a7f93f2f752cef10e15d52e6bae527549322
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_fred_melo_paiva-31024171.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
1AENRFXM1PQNXBVP
age
46
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_fred_melo_paiva-31024171.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4358
x-amz-id-2
Z/sMGnPxOH5TDyWR5XmbbUCVsSqEad6vXARab6U3FgJaLWhdZ7HDp4cLFwdSpUjrSfprQWzM5sg=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 16:02:29 GMT
server
AmazonS3
etag
"cb68a06b91b4f36550800af00126758c"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
209471066 205743229
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_wes72760-33053155.jpg
midias.em.com.br/_midias/jpg/2023/12/08/330x220/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/12/08/330x220/1_wes72760-33053155.jpg?20231208182948?20231208182948
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c330137db0347dc6a56e5090cb4ec826c1d322ee56f0ef4bc40054ecd707fa2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/12/08/330x220/1_wes72760-33053155.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
26XRS0GTNSAAQHWF
age
180
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/12/08/330x220/1_wes72760-33053155.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
15698
x-amz-id-2
OvJDVDIe3heT+s5kcYZilbQVu17yrmepkk7ejJaXTgpV/MV34X5HU5L+iw8KWAZqbGM3zLXTawo=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 08 Dec 2023 21:26:07 GMT
server
AmazonS3
etag
"601d38227bb070eaba962964cf552788"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
19409367 3722344
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
card-interference-detector.20231207-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231207-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee1bd6c6c0d14967abae5d591f718b6387386c22c71900fb3721c1e00cef2c5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
rIIQ9mApII4IOOC14dNhwodQy3hX94Bp
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:00 GMT
x-amz-request-id
X2JAC67P7FPVJWRJ
age
204843
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2181
x-amz-id-2
cuiqixJpjezrf3Ezn4a2E5m4qWSOdeDQxYTxlSefqfWVSkdmpPpeqD8fOVmd4PWTAtcIDIabzbA=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 07 Dec 2023 13:20:51 GMT
server
AmazonS3
x-timer
S1702160101.827356,VS0,VE0
etag
"50c58ea58166237596b9e834cc2cc6fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
84
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
111068
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
234772
expires
60
json
trc.taboola.com/diariosassociados-em/trc/3/ 		42 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/diariosassociados-em/trc/3/json?tim=23%3A15%3A00.834&lti=deflated&data=%7B%22id%22%3A546%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1702152107516%2C%22vi%22%3A1702160100831%2C%22cv%22%3A%2220231207-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.em.com.br%2Fhome%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22http%3A%2F%2Fwww.em.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7062%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22taboola-mid-article-home-page%201%22%2C%22orig_uip%22%3A%22taboola-mid-article-home-page%201%22%2C%22cd%22%3A1668.875%2C%22mw%22%3A337.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a-new-1x4%3Aabp%3D0%22%2C%22uip%22%3A%22Mid-article-home-page%202%22%2C%22orig_uip%22%3A%22Mid-article-home-page%202%22%2C%22cd%22%3A6040.71875%2C%22mw%22%3A1350%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CMid-article-home-page%202%3Dthumbnails-a-new-1x4%3Aabp%3D0%2C%2Ctaboola-mid-article-home-page%201%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96426268a90c453e486ce8291f4a41e477026e2f9100d175087f7e52a27bb088

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
424
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.866
x-fastly-to-nlb-rtt
7145
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230041-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702160101.847162,VS0,VE424
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
http://www.em.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 09 Dec 2023 22:15:00 GMT
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724c.cloudfront.net (CloudFront), 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-apigw-id
PskD0HOejoEEUMA=
x-amz-cf-id
OmXDER0mdE8aIZbcP3Hwe0bY3MU0qMCEQ0HAbYnhupJBg3MyD2SvDQ==
x-amz-cf-pop
FRA56-P3 FRA60-P3
x-amzn-requestid
e235ba42-e9b9-411d-8aaf-a68bdd0fba36
x-cache
Miss from cloudfront
/
geo.privacymanager.io/ 		28 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept
application/json
Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Dec 2023 02:00:21 GMT
via
1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront), 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
72879
x-amzn-requestid
3a290c0f-3cd4-4a1e-bcac-e5667b311d84
x-amzn-trace-id
Root=1-6573ca35-412bfe931b03592f642bc282;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
PpyIaHVzjoEEatw=
content-length
28
x-amz-cf-id
W6Zj730AdLGF6fOY6ga-C3B2nsdbbKM6yMO6MLeUtHdgcFCGmMMuHA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
collect
region1.analytics.google.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-KFBFMPM6S4&gtm=45je3bt0v884805283z876977402&_p=1702160099849&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1616538923.1702160100&ul=en-us&sr=1600x1200&_s=1&sid=1702160100&sct=1&seg=0&dl=http%3A%2F%2Fwww.em.com.br%2F&dt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&en=page_view&_fv=1&_ss=1&tfd=1601
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KFBFMPM6S4&cid=1616538923.1702160100&gtm=45je3bt0v884805283z876977402&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KFBFMPM6S4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KFBFMPM6S4&cid=1616538923.1702160100&gtm=45je3bt0v884805283z876977402&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1698710072
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1_mazzini_azul-32587762.jpg
midias.em.com.br/_midias/jpg/2023/11/24/120x120/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/24/120x120/1_mazzini_azul-32587762.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
addf66c2238104c87752aaf7a7bed657ef4c09a89366068e53adfb1a8e375944
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/24/120x120/1_mazzini_azul-32587762.jpg
x-debug
XXXXXX
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
D8FEHHE42JSZ790S
age
43
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/24/120x120/1_mazzini_azul-32587762.jpg
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4693
x-amz-id-2
gVYmiKq5P2gH5BL8CA9VYq0JiH9FIO28L77XkWSSPLGnYwnsae1QeeE7LocxdM2NGyCYSimIHb8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 24 Nov 2023 20:11:39 GMT
server
AmazonS3
etag
"67eafea587e33a8f6dcf94997a12c3fc"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
124839995 125303048
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_marcilio_de_moraes-31024430.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_marcilio_de_moraes-31024430.jpg?20231103103412?20231103103412
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0df0150b3a2c0a2e388ec9e067c75abebb80f6610d674b04772ec86825944a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_marcilio_de_moraes-31024430.jpg
x-debug
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
3PPMT9QZF7GYP3XX
age
270
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_marcilio_de_moraes-31024430.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
4511
x-amz-id-2
H5vf4dBqIrvQG+cw5Yx9BFAu3+/oNIBT+/MTlJG9Od2megiRVaURy3F9V+D0oCgOCR+bCKHU/s8=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 13:34:42 GMT
server
AmazonS3
etag
"50b7bb41f4e5477281c7f6954c1854e4"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
57475333 54035777
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
1_colunista_luiz_carlos_azedo-31024382.jpg
midias.em.com.br/_midias/jpg/2023/11/01/120x120/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://midias.em.com.br/_midias/jpg/2023/11/01/120x120/1_colunista_luiz_carlos_azedo-31024382.jpg?20231103093415?20231103093415
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03089497f2493071b7d29a09a82e118f75f33abb560c00b42253a17b3d52cb9c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_midias/jpg/2023/11/01/120x120/1_colunista_luiz_carlos_azedo-31024382.jpg
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
FFEBKQ3RAGAMYF5N
age
27
strict-transport-security
max-age=63072000;includeSubDomains;preload
x-url
/home/em/public_html/_midias/jpg/2023/11/01/120x120/1_colunista_luiz_carlos_azedo-31024382.jpg
x-ua-device
mobile
x-host
dapress.s3-website-sa-east-1.amazonaws.com
content-length
5557
x-amz-id-2
LiEC+Ril3yTdIC6Yx/lj5uvFjTMEGIX/WylDHbhKCuWJYbSh7ZNn6pk+nmVkBo+WNEkJyx08/Nw=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Fri, 03 Nov 2023 12:34:39 GMT
server
AmazonS3
etag
"d35ba877ab1e2331db7d0425c0b350ab"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
x-varnish
21726911 23986716
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
accept-ranges
bytes
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
profiles.js
d.tailtarget.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:38:56 GMT
content-encoding
gzip
age
84965
x-guploader-uploadid
ABPtcPpTjpxBJ7PMmQKAsIAFJaIvva2R2VlIpvGHPQ3fmvO6L1Sz7Is6wYRLEnNeWrmhDd3AO1Xfs4-wrg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5287
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"275a2ca262b6a5880df533bb6481142a"
x-goog-hash
crc32c=Z8R9Yw==, md5=J1osomK2pYgN9TO7ZIEUKg==
x-goog-generation
1694696370292847
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5287
accept-ranges
bytes
expires
Sat, 09 Dec 2023 22:38:56 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=http%3A%2F%2Fwww.em.com.br%2F&pid=L1tqtdm8a7Ukb&cb=0&ws=1600x1200&v=23.1129.2055&t=2000&slots=%5B%7B%22sd%22%3A%22em-publicidade-ancorads%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%2C%7B%22sd%22%3A%22em-publicidade-rasgado-1%22%2C%22s%22%3A%5B%221190x250%22%2C%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22980x250%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%2C%7B%22sd%22%3A%22em-publicidade-retangulo-1%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F6887%2Fuai%2Fem%2Fhome%22%7D%5D&pubid=e896768a-4818-43b9-8848-9bdc9a567fdb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.222.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-222-29.lhr5.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e0a7a324b596fc0c0db32b8ec9608cf0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
LHR5-P4
x-amz-rid
DPXME160YYGS8FN300M0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
3LWG_MjTnHw6GR8J-wTRg3k5Z9aEGHW9sAdWhzVZlQaWYyCb-LYGWQ==
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1dd35eca2f8ae96ca7e07712f0872924f523621d1c72e9b8fc7be4a45418fbce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
an-x-request-uuid
6fe1cc79-9f9a-43f7-a0b0-b84ed12fe97b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.em.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.199; 80.255.10.199; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
846 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=14d8c4bc503d666&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.3590230464188695
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f909c2c2a9a335ceeff177e65ba49c14fce81c73ac2aa304180243815f9e2f05

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=em-publicidade-halfpage-anchor&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=15dbcfb66da672f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8487399277322931
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f960527aa0f461fd0bbed7c8af5b3c385903e569ab97883c7ff275d9dbaaf3a

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751166&size_id=15&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=165bb494b17f3e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.8348790812688796
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
64db384e9c6ab41d01780ea1d88f3b8b84e9338c4ccab4ba58da1c9b21906d72

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=1760996bc1c4126&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.3159326743868238
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e1846ba40ebb2099d0d6537679a8dd5f28175eef55ae70eb00b8bbb8f244d8c6

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=18316f26148589d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.051795784428433356
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ff3ac8df8ea694c1116204d470b40815360e936ac757b757a1db06aab5d37de2

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=190ae644b620432&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.053795375117586586
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
21c63cd98cfc00244562cd177d65cd8c7721fed3a283ec6abf9330931f1f9f4f

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751144&size_id=55&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=20e9b70ba47ce98&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.30850211460718957
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9850e6221e44f3b81cdfd5df62bd43bec950dfed4d987d868fb0d5953bce3ec0

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751168&size_id=15&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=21a6ef2a8b7c281&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.11710564735214057
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f2028ec8a2e0e67b31af83a46cf13b9af04c64d960e6f6dca2e5d086c5043b51

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=22803ea99ecd5e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.42920246668521034
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
726d441f784bd658996e27149975e6d84e6228db7a53f8de9926e82e01cf436d

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=23a08be90cb4f2a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.8573251568650839
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6be67dc6303efffdb087459bc528b70ff8f9aeeb4ca3837e7d8fba3260910c33

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		333 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14338&site_id=157554&zone_id=751164&size_id=15&rf=http%3A%2F%2Fwww.em.com.br%2F&kw=not%C3%ADcias%2Cminasgereais%2Ceconomia%2Cpol%C3%ADtica%2Cnacional%2Cinternacional%2Cci%C3%AAncia%2Csa%C3%BAde%2Cloteria%2Cconcurso%2Cresultado%2Cestadodeminas&tg_i.domain=em.com.br&tg_i.page=http%3A%2F%2Fwww.em.com.br%2F&tg_i.pbadslot=%2F6887%2Fuai%2Fem%2Fhome&tk_flint=pbjs_lite_v8.3.0&l_pb_bid_id=24a7556dbf2f9de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6887%2Fuai%2Fem%2Fhome&slots=1&rand=0.006258215296662817
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0fd36f5c10636c33e7f21f3adc2976914e5654394ca43c7b391ddf956601ddfe

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
333
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
http://www.em.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sat, 09 Dec 2023 22:15:01 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.em.com.br
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUASCJ0O
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e9bc564c7380a92298c9a3a362d6913fd593f7eef68f4fd94057694a4d55d423

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
http://www.em.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
127
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Dec 2023 22:15:01 GMT
req
cdn.navdmp.com/ 		6 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=13c6f9e685457076a4c6d3f94b10%7C0&acc=89454&tit=Jornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25EDcias%2520Online%2520-&url=http%253A%2F%2Fwww.em.com.br%2F&upd=1&new=1&h1=Jornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25EDcias%2520Online
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83309ab7f9b39034-FRA
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=84942644869
  • https://sync2.navdmp.com/sync?prtid=2&id=84942644869&google_gid=CAESEK2U3NBcznQ6y1xOdnLhciU&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=84942644869&google_gid=CAESEK2U3NBcznQ6y1xOdnLhciU&google_cver=1
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83309ab95aaf9034-FRA
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=84942644869&google_gid=CAESEK2U3NBcznQ6y1xOdnLhciU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
pixel.mathtag.com/sync/ 		43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.122.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-122-195.deploy.static.akamaitechnologies.com
Software
MT3 1143 599e619 master zrh zrh-pixel-x26 config_version:"2665" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 22:15:01 GMT
Server
MT3 1143 599e619 master zrh zrh-pixel-x26 config_version:"2665"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sat, 09 Dec 2023 22:15:00 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
344
content-language
en
container.html
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 24FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:00 GMT
expires
Sun, 08 Dec 2024 22:15:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14048
rtb.gumgum.com/usync/ Frame 3193 		0
100 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.132.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-132-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 09 Dec 2023 22:15:01 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
usermatch
ssum.casalemedia.com/ Frame 35EE
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=191709&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%...
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us...
2 KB
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89965f982a0fd0704c8b4eb5701fc8da3e5a0de08db70caf4b54fb967459862

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83309ab9ad0737e3-FRA
content-encoding
br
content-type
text/html
date
Sat, 09 Dec 2023 22:15:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tla7V8QRnit7%2ButKDukX9AOTH5QQrhnCfGQUo9mvS2hfJJgSgxoevPe0Nyb4u1Ooamd2qJqxCZvzaXa24SHymwYiZEGGQr1%2B5NLITyVfzYkJnm8RjnG81278wvTT6A6KyiBXaqh2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83309ab97cda37e3-FRA
content-length
0
date
Sat, 09 Dec 2023 22:15:01 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwp3iQayz8OaWW%2BbcUMVn0Tj3houHCeVVPopDGU7FPPe58MhDCtgsPOf%2BA90X93jeAZd%2BDLv6Ke3vz9ky7pGQOCwKHPbSBm5yk16VB5yAOJhyDfPv0lP2zF3WD2i7IHkweBMxgdQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 07E5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: tv.springserve.com
URL: https://tv.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.168.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-168-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=93142
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 09 Dec 2023 22:15:01 GMT
expires
Mon, 11 Dec 2023 00:07:23 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fvid-io-dub.springserve.com%252Fusersync%253Faid%253D1000001%2526gdpr%253D1%2526gdpr_consent%253D%2526us_privacy%253D%2526uuid%253D%2524UID
  • https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=9153038471813428128
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=9153038471813428128
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
an-x-request-uuid
2bf0354c-5dae-4445-8dd1-180c70b397d5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://vid-io-dub.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=9153038471813428128
x-proxy-origin
80.255.10.199; 80.255.10.199; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
syncb
sync.bfmio.com/ 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.125.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-125-191.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 09 Dec 2023 22:15:01 GMT
um
cs.emxdgt.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.30.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-30-42.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
server
awselb/2.0
sync
ups.analytics.yahoo.com/ups/58185/
Redirect Chain
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
373
content-language
en
prebid
rtb.openx.net/sync/ 		43 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-length
0
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3...
  • https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=xc05lUZvt0dc&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=xc05lUZvt0dc&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://vid-io-dub.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=xc05lUZvt0dc&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5c6449b65-c4vxn
expires
-1
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D...
  • https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-dub.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
etag
OPTOUT
content-type
text/html
us.gif
sync.go.sonobi.com/ 		49 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.66 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-165
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%...
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_priv...
  • https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=ae15e3505f334821999676bab5ab0668
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=ae15e3505f334821999676bab5ab0668
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://vid-io-dub.springserve.com/usersync?aid=1000015&gdpr=1&gdpr_consent=&us_privacy=&uuid=ae15e3505f334821999676bab5ab0668
date
Sat, 09 Dec 2023 22:15:01 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
getuid
eb2.3lift.com/ 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
pbsync
ads.yieldmo.com/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.39.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-39-70.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
sync
ssbsync.smartadserver.com/api/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-length
0
sync
ups.analytics.yahoo.com/ups/58800/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=1&gdpr_consent=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.sxp.smartclip.net/
Redirect Chain
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=
  • https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
match.sharethrough.com/universal/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
sync
x.bidswitch.net/ 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.82.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
su
ih.adscale.de/ 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/su?gdpr=1&gdpr_consent=&tpid=22144&cburl=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.62.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-62-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-length
0
um
sync.teads.tv/ 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?gdpr=1&gdpr_consent=&ssb_provider_id=1&uid&fb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000024%26us_privacy%3D%26uuid%3D%5BVID%5D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 22:15:01 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
usersync
vid-io-dub.springserve.com/
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=52948&gdpr=1&gdpr_consent=&us_privacy=&rk=dub
  • https://vid-io-dub.springserve.com/usersync?aid=1000025&uuid=LPYM6BXC-6-BJX0&gdpr=1
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000025&uuid=LPYM6BXC-6-BJX0&gdpr=1
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Location
https://vid-io-dub.springserve.com/usersync?aid=1000025&uuid=LPYM6BXC-6-BJX0&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync
cs.media.net/ 		52 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=60&type=ss&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%3Cvsid%3E
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:01 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
52
x-mnet-hl2
E
Expires
Sat, 09 Dec 2023 22:15:01 GMT
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BPDID%5D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
usersync
sync.springserve.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=1&_fw_gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_...
  • https://sync.springserve.com/usersync?aid=1000028&uuid=32d5e41d9416ce265cc4c5fae2cdaf&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&...
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000028&uuid=32d5e41d9416ce265cc4c5fae2cdaf&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:01 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://sync.springserve.com/usersync?aid=1000028&uuid=32d5e41d9416ce265cc4c5fae2cdaf&gdpr=1&=&us_privacy=&gpp={gpp_string}&gpp_sid={gpp_sid}&gpp_sid=&gpp=&us_privacy=&_fw_gdpr=1&_fw_gdpr_consent=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702160101598078-534
pbs.gif
sync.admanmedia.com/ 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.2.110.17 Greenfield, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 22:15:01 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
60
Content-Type
text/plain
analytics.js
www.google-analytics.com/ Frame F329 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: barra.uai.com.br
URL: https://barra.uai.com.br/centralizador.html?origem=http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://barra.uai.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 21:22:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3151
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 23:22:30 GMT
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
Y67JKMS6K9CH728E
age
52
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
B33MDroMXoHRPwonNfdEh7OgYAkG+9quij2d4vHLtZt++OAYVXybtbzTWUc4srBuEnmtpxf4yE0=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1702160101.355742,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
73
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
22
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.3/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.3/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f48a1000003bf34c55964594a663ad739d66290ac2d2cda053a74b9eae6af18c

Request headers

Referer
http://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
456954
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34017
x-served-by
cache-fra-etou8220090-FRA
last-modified
Mon, 04 Dec 2023 15:18:26 GMT
server
AmazonS3
x-timer
S1702160102.601833,VS0,VE0
etag
"d65ee535fc1453f9caf6c4e84834b450"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_xU7NM2rjJCBt96Wswddz1WbfgtO_86m-sGy0WlBHVd7hGc4ly8eNQ==
x-cache-hits
2665
userx.20231207-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231207-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62d7ff1050ade794a69b401340e13b032281f833139049bddf1926456eb8a182

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
7yQcBSArn2j7FyUvZooUqcxax1fzydHr
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
ZJ38SSZ7HNSD7WWS
age
204912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
0hAxOuNTx8nUM1i6pjR1lvQCxhftIvh0ROoGtbesBloC7bbDrkSCq0F6qEgjHu2Im+x9ho8+4oQ=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 07 Dec 2023 13:19:50 GMT
server
AmazonS3
x-timer
S1702160101.362617,VS0,VE0
etag
"fb596d8fa80a208ace6207ab582c4c67"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
36
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
76821
distance-from-article.20231207-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231207-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38c8892accf2c810e1e9c9c213dae3597c4dcfe8ed1086b2e8bda4a514b16c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
8TDCyzFvWFWcOjv_OHMpgTDeNpd0rHSZ
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
FA1A2QPPMR7TK9FN
age
204856
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
nQ9Z4MqXqB+XSLmW84dfDJLPHYYYKQLxWT6d/0FCeK8r8EgXgdLoRzVHncexQDpCWehaAMRoOSI=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 07 Dec 2023 13:20:45 GMT
server
AmazonS3
x-timer
S1702160101.362601,VS0,VE0
etag
"0a1bceb768c02dd9e95a6351bf5063f1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
417996
article-detection.20231207-12-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231207-12-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/diariosassociados-em/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
507fa711f89b65a3c5ea3d8a049e2b90983a6e7fa604092e87deeeaa7178c2e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
yL8eq2mcLtWEt2LaT3wB7xM5lDwFDzOP
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
X2JED4XN7VHQWAH1
age
204843
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
5b28Tc0lcyx8dgv4H3rqqg/nH6AAorMY524338TCjVVOTM8ZYY7gZwrVp5LVIVuKdBXe7OjIPek=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Thu, 07 Dec 2023 13:20:59 GMT
server
AmazonS3
x-timer
S1702160101.362587,VS0,VE0
etag
"33e5488d1388d8c8245bd3063f853fa2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
417771
json
hp.taboola.com/diariosassociados-em/trc/3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/diariosassociados-em/trc/3/json?tim=23%3A15%3A01.363&lti=deflated&data=%7B%22id%22%3A834%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA%22%2C%22ui%22%3A%226b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64%22%2C%22uifp%22%3A%226b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64%22%2C%22lbt%22%3A1702152107516%2C%22vi%22%3A1702160100831%2C%22cv%22%3A%2220231207-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.em.com.br%2Fhome%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fwww.em.com.br%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22http%3A%2F%2Fwww.em.com.br%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6285%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Hard%20News%22%2C%22orig_uip%22%3A%22HP%20Hard%20News%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Hard%20News%3Dorganic-hp-swap-mode%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c9d72d6ebd81dc728a1f824bb6c7720b7173fe64301bdff0759c2b172a22bd3e

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
29
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.5891666666666667
x-fastly-to-nlb-rtt
7272
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230041-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702160101.378266,VS0,VE29
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702160101364%7D&tim=23%3A15%3A01.364&id=959&llvl=2&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
http://www.em.com.br
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702160101366%7D&tim=23%3A15%3A01.366&id=5911&llvl=2&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
http://www.em.com.br
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702160101367%7D&tim=23%3A15%3A01.367&id=7630&llvl=2&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
http://www.em.com.br
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariosassociados-em/log/3/abtests?route=AM:AM:V&tvi2=10408&tvi48=10637&tvi50=9058&lti=deflated&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&wi=-2815970046077281568&pt=home&vi=1702160100831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1702160101343%7D&tim=23%3A15%3A01.343&id=9862&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1702160101364%7D&tim=23%3A15%3A01.364&id=2764&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/diariosassociados-em/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/diariosassociados-em/log/3/abtests?route=AM:AM:V&tvi2=10408&tvi48=10637&tvi50=9058&lti=deflated&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&wi=-2815970046077281568&pt=home&vi=1702160100831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1702160101364%7D&tim=23%3A15%3A01.364&id=6961&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/abtests?lti=deflated&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22pageLoad%22%2C%22type%22%3A%7B%22editorial-items%22%3A3%2C%22storageRef%22%3A%22http%3A%2F%2Fwww.em.com.br%2F%22%2C%22referrer%22%3A%22%22%7D%2C%22eventTime%22%3A1702160101367%7D&tim=23%3A15%3A01.367&id=1898&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ Frame 4485 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e82b9a956c59a73385a4573657856764668338ed372995994a8234266ee45e20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
3550564259508201566
tpc.googlesyndication.com/simgad/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3550564259508201566?
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b71e5e91026f203cf1a5e48ff380b69ed68c46e3fd56e40ef92633cdf19e670
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:16:23 GMT
x-content-type-options
nosniff
age
89918
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15992
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 19:58:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 21:16:23 GMT
dot.gif
tpc.googlesyndication.com/pagead/imgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpj2CL26sk_QJrNQcM9SJv7wZpLuW0W_LJvCEAwp2-CxNV3C7htfE-CNFHDBqTLtk3A-hyndkAzM-FdwOYKCeJeYrh5b0VxWae6N7R6EnDGrHSB_mVAeqn4dJVOnT4pfvl2CeRhU9F1...
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:57:10 GMT
x-content-type-options
nosniff
age
73071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 01:57:10 GMT

Redirect headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 6D79 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f55d359724c825b83c85631caa83080756e1b9e8063c6f2bab54ad5aab34e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
10963507553757066651
tpc.googlesyndication.com/simgad/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10963507553757066651?
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb0c4d0ecb73dd9f05ff5211f7e61f9e1e23cae6850cfd094c9e3fb46a10dbbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20005
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 19:49:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 22:15:01 GMT
dot.gif
tpc.googlesyndication.com/pagead/imgad/
Redirect Chain
  • https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswteO7pPQq6k7MlvOX08l5cPVTvgZaCHH2b_JgaUWSfeqT49dh2gDUg80G-aV1pqGq8U5H60bA1dxsEGrXWNfWEWZluZ5qV7ds4WwX6bUEDmJHetuDHzUsMKg5Hr2YPHesabwDrlzU_...
  • https://tpc.googlesyndication.com/pagead/imgad/dot.gif
42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:57:10 GMT
x-content-type-options
nosniff
age
73071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 01:57:10 GMT

Redirect headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
location
https://tpc.googlesyndication.com/pagead/imgad/dot.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
1272-1710-01.js
t.seedtag.com/t/ Frame 1AC9 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/1272-1710-01.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0efafeb08fc479cd522b151daca0beed2ff391c3fe0fca76347ff6ce44392a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 09 Dec 2023 21:15:05 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
83309abbbb2c1e6a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Dec 2023 22:35:01 GMT
truncated
/ Frame 1AC9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ac8ccd2fefc3fad3724c46ba371f4ddc4b624ee41d91d4b2dc1a5bb1c8de4f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1AC9 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvC15rnpQSdNc-6-bsyiMYFNwGOv_6Atxt2I8-3MV0r0FYIoR1iKQJQ1_5IA1LE7bBg7SNdxJPbK2CsviTmLVTLbEPcDH2LuHdZ7VBdAEC_Are68h9TsbS1-PBYcBbjgj7giybs1mg5YHMp_3Qoi-u1KWETZTySZ6bWVxUdtkbXhWqnUrfVVxrEM9HMJ4ckn9VPq35DjR-ISsXrY7fW4enQyfLPIReKajl5YOgpWJERPZbjllBcdF2bJ4xGRgMqsZjctyRWxZgMJ7bcbBL8J1bpnwIvey0LDRMsrqZtxFHgPO_X29T5cSPjVwlk9f-0&sai=AMfl-YTjlrgFxvpmUeS-hFTSAzDv2q2G5aBw6VanMeRNAEqvbGzrde43BJCQU9ykmIyM8m_eWsUbbS440pRGF8Kwajxe7HcF8nUhTCeeleUyZkIFLddZs50PHaSxcS95U_6r7_JKMuWcI8Jvw8WTeZUEI6c8vFfGSrqPgbmfGaA&sig=Cg0ArKJSzPwmQd04calGEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
6558.js
cnt.trvdp.com/js/869/ Frame FA59 		481 B
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/869/6558.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-43.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759bed2ca060eaca61886f857fcc79759e16d47c6668a97114b2cc18876ba3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 18:02:28 GMT
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 16:02:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
6840754
etag
"99e0069440d824199286a54fd40c6347"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
481
x-amz-cf-id
IDdrUNPXH1jH4Www1j7zpwt1m9_krwz0EZA3f_aPmPgbAUHyQ3wk0Q==
truncated
/ Frame FA59 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5967783af61b4135af96b01f2c73aab8f29c85a20149e1af64f3d361c9c30b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame FA59 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6fAsazbeFILoUU_PeYiwejPA8pTyvbwOpH3oFfkSrFSlWie42Qtbt4sbXZgpHBUyhG7Z2xAJB2DK9f0QOwmGAip7lt4dsNkMEhGqq_E69jdjYawgQhPneflPtPkqtu3fGOtZ2uztx_fYxsaLEiHcR9e1wtEV108UqAdPPDdnZKNlHsOTyhqvJ_4XPMwZHI0fei_9L0Zv_n9D7peIwf2RJJYL0G3e21sgM4K3OCuSDpVjHzSbNa3g8p2BGxvcCwj7CSixwlE3xAGkei3pNaKtjgWUF7eQ1uYiJZr7OtlG7uHogk3ke5kVs4hpBNCA9CGW_Q3IcTSTg3LuMsxf45fTvwY8iuw&sai=AMfl-YTI6CNiOPIp_KCPJT5eorZhzULxnnGqZndgp3w8UKsLK2HniBRqOPjuqs90pymMLW2dFroSxAC1UbFo_MVQ-yjF8ZXFMSQtdysH0jObuqxayTsa28K5mAHFFInXe0rgLb_tAlgSzsE4AWuMipfbfUY5mvFpw8ZGbFVkgCk&sig=Cg0ArKJSzCIbmrJGYJCTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
login_button.php
www.facebook.com/v14.0/plugins/ Frame B6C5 		31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a8c90126cf82c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.em.com.br%252Ff24f699701a76c4%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=c5fa12e0f7485f9fcffd705de3f68a53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79ee2d6e13e8bbe212e805baccf2f07fd5efeb9288af74adf6e225c4bbba8dcc
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Sat, 09 Dec 2023 22:15:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v14.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
z9iCdUXGhrRhc+pzXvC2rw02MwS3/BzR8TcBZHo2sKZ82EXJtx4aJg3Wc3DFQ7E0K2dGLOoJwDOnrlSzduEOyw==
x-xss-protection
0
style
accounts.google.com/gsi/ 		533 B
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-04NWHz51ekwRtuoHWj1g0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-04NWHz51ekwRtuoHWj1g0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Sat, 09 Dec 2023 22:15:01 GMT
button
accounts.google.com/gsi/ Frame 6C4E 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_101456_409856&as=ZP%2FVEXg43xlDC9UmDDPeMg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
997fb9216ddd5077b48778c1b4161c0b1891755230bc9dd371f1ecd0fb63cc7c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jq78sV7FI4lo7wN9a-QsHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jq78sV7FI4lo7wN9a-QsHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:38:08 GMT
content-encoding
gzip
age
2213
x-guploader-uploadid
ABPtcPp-7wnyys4AhmdUXHDzv94m4gs75pg7SwS6iPGQ_gFWTRj1yiFIwqmM5aVxUJz-RD8JN98hspnb0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Sun, 10 Dec 2023 21:38:08 GMT
profile
tt-10258-0.seg.t.tailtarget.com/ 		92 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10258-0.seg.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
social
trc.taboola.com/diariosassociados-em/log/3/ 		0
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/diariosassociados-em/log/3/social?lti=deflated&ri=f06aa83d06084f7acaa065f84710f2f1&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160100_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22http%3A%2F%2Fwww.em.com.br%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.em.com.br%2Fstatic%2Fplaceholder.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=23%3A15%3A01.499&id=4366&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7539
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230041-FRA
pragma
no-cache
server
nginx
x-timer
S1702160102.708481,VS0,VE10
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
usersync.aspx
dis.criteo.com/dis/ Frame 35EE
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXTm5Ym9aQ6m3Zi9HbN76QAA%265239&gpdr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXTm5Ym9aQ6m3Zi9HbN76QAA%265239&_li_chk=true&gpp_sid=&us_privacy=&gpdr=1&previous_uuid=bb42f87b7dca413abadb998f32eb1b1a
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
182641
expires
Sat, 09 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Sat, 09 Dec 2023 22:15:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
pixel
cm.g.doubleclick.net/ Frame 35EE 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 35EE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gpp=&gpp_sid=&dcc=t
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SMTD46HEC8MNDJYEF48F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4JJXRDFQ539T0VZ1DRM2
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 35EE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXTm5Ym9aQ6m3Zi9HbN76QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1&gdpr=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGVpAeb7bCXOcBnWDyDnUUrvbNfJmD52Vjxi4NeblZ33zB8f5mRAedBmd6i46Ra2ygC%2Bt4R2oWb3aV1CZGIgnkQv9a4M187oc6bEKuEW9dOmWbiJz5kSl23%2BeqJ1E%2F4Ub2Ckwlk9uMahcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83309abb9c0c1c40-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1&gdpr=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 35EE 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB&gdpr_consent=&us_privacy=&gdpr=1&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:01 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1702160101617050-509
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 35EE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=ZXTm5QAFvFUS0wBd
85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=ZXTm5QAFvFUS0wBd
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230132-FRA
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702160102.774398,VS0,VE99
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
0

Redirect headers

x-served-by
cache-fra-eddf8230132-FRA
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1702160102.667953,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=ZXTm5QAFvFUS0wBd
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
casale
match.adsrvr.org/track/cmf/ Frame 35EE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
server
Kestrel
content-length
70
content-type
image/gif
no_match_opted_out
um.simpli.fi/ Frame 35EE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sat, 09 Dec 2023 22:15:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/no_match_opted_out
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 08 Dec 2023 22:15:01 GMT
usersync
vid-io-dub.springserve.com/ Frame 35EE 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-dub.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=191709&us_privacy=&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.87.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-87-200.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 09 Dec 2023 22:15:01 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
newsletter-capa.js
www.em.com.br/_templates/em/assets/javascripts/widgets/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.em.com.br/_templates/em/assets/javascripts/widgets/newsletter-capa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
179.191.182.65 Offenbach, Germany, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25f547a38688056db912c3f924931e3409902038641582cbc480f2b2747e153f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-version-id
null
via
1.1 varnish-v4
x-url-without-qs
/_templates/em/assets/javascripts/widgets/newsletter-capa.js
x-debug
else
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
x-amz-request-id
D8FESJPMW4WEJASZ
age
30
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-encoding
gzip
x-url
/home/em/public_html/_templates/em/assets/javascripts/widgets/newsletter-capa.js
x-ua-device
desktop
x-host
dapress.s3-website-sa-east-1.amazonaws.com
x-amz-id-2
SFH/Pup5ZjUIT06ZKJyOdYUGsnv6ZTKuIyktSuQ3hId32OG24Q48YuqoD+z+czVth7zJyBh0tHY=
x-xss-protection
1; mode=block
pragma
azion-debug-cache
last-modified
Wed, 01 Nov 2023 17:20:26 GMT
server
AmazonS3
etag
W/"d7c1ee1681c7d79d4bcfdc4a13e67f0f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
x-varnish
7536888 1638839
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
x-host-orig
www.em.com.br
x-cache2
HIT
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
eyJEQUFVVUlEIjoiYTg4MTI0ZGUtZjVhMS00MzU5LWFlZTUtMjgzMTViNzQxMTlkIiwiX0dBIjoiR0ExLjEuMTYxNjUzODkyMy4xNzAyMTYwMTAwIn0=
t.em.com.br/b/ 		0
41 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.em.com.br/b/eyJEQUFVVUlEIjoiYTg4MTI0ZGUtZjVhMS00MzU5LWFlZTUtMjgzMTViNzQxMTlkIiwiX0dBIjoiR0ExLjEuMTYxNjUzODkyMy4xNzAyMTYwMTAwIn0=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:564::1182 , Brazil, ASN20044 (SA ESTADO DE MINAS, BR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
nginx
ads
securepubads.g.doubleclick.net/gampad/ 		115 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2205472116647278&correlator=2610810191478912&eid=44777897%2C31079527%2C31079575&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=6887%2Cuai%2Cem%2Chome&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%2C1190x250%7C728x90%7C970x90%7C970x250%7C980x250%2C336x280%7C300x250&ifi=9&didk=2733480348~1812297616~1779311817&sfv=1-0-40&eri=1&sc=0&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw&abxe=1&dt=1702160101564&lmt=1702137450&adxs=436%2C205%2C1146&adys=1110%2C424%2C1315&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&bc=23&nvt=1&url=http%3A%2F%2Fwww.em.com.br%2F&vis=1&psz=1600x-1%7C1334x-1%7C321x250&msz=1600x-1%7C1334x-1%7C321x0&fws=512%2C0%2C0&ohw=0%2C0%2C0&psts=AOrYGslEe4nhx62SvhPpBNVx5ZJ7N5NOW3UvD3m1m1p1SG_w2LH3DQSBCXSbANy5jdcii0EaPw3Mc_pmQ-DUkt4YI3Y%2CAOrYGsmNwNYPfeCbNtJHsGcOBYlia4pnyFoPivDmXcgvK-DBk1DNcqMPh8h0Gmotusy7weqQXDFhPBHkEbzjDeT-4OU%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmQkNiDkPI7_ZzXk7gz9n8mxmZEVVzGJt0tZE8v-FuE2L4aqFg1rmpROn_anxBmb3j0c9_hlIDNFCB5YP6uyhE%2CAOrYGslMKKUSe-PX-ZC4XE4Vn9BuaUS5hImnkdj-Y5XKXrhGHRCPb_x5LIN3_40XfEVpmGyyRAJ0oA007iIK_gwRDMA%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1616538923.1702160100&ga_sid=1702160100&ga_hid=1556597112&ga_fc=true&dlt=1702160099794&idt=368&prev_scp=identificador%3Dpublicidade-ancorads%26refresh%3D20%26implementado%3Ddinamico%26pos%3D1%26amznbid%3D2%26amznp%3D2%7Cidentificador%3Dpublicidade-rasgado-1%26refresh%3D30%26implementado%3Ddinamico%26pos%3D7%26amznbid%3D2%26amznp%3D2%7Cidentificador%3Dpublicidade-retangulo-1%26refresh%3D30%26implementado%3Ddinamico%26pos%3D11%26amznbid%3D2%26amznp%3D2&cust_params=unified_id%3Da88124de-f5a1-4359-aee5-28315b74119d%26user_type%3Dguest%26paywall%3Dtrue%26testeab%3D3%26resolucao%3D1600x1200%26urldata%3Dhttp%253A%252C%252Cwww%252Cem%252Ccom%252Cbr%252C%26titleofpage%3DJornal%2520Estado%2520de%2520Minas%2520%257C%2520Not%25C3%25ADcias%2520Online%2520-%26tagsofpage%3D%26reload%3D0&adks=1060018158%2C3239016431%2C2804343735&frm=20
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afb33b3f4e2278ae6b077044dc307bb2478f4988afa6621e8e168e9e4f53c59e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38374
x-xss-protection
0
google-lineitem-id
-1,-1,6397119552
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,138450565370
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
a065fa675d497b786481b58f98c18e36.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a065fa675d497b786481b58f98c18e36.jpg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b17acea07c08d52c39004420a83cac3d1589d7d5024dfa7eec393d17aee8968c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_267%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a065fa675d497b786481b58f98c18e36.jpg
age
3666866
edge-cache-tag
589377798881822181307975221783068220328,386049105073207345796117033061845157211,29ecf9b93bbf306179626feeda1fab70
cache-tag
589377798881822181307975221783068220328,386049105073207345796117033061845157211,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
174
req-referer
https://www.howandwhys.com/topics/archaeology/
content-length
20526
x-request-id
26ab75e0f0f78ab890a49fdeada41b57
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100054-IAD, cache-iad-kjyo7100054-IAD, cache-chi-klot8100120-CHI, cache-iad-kiad7000158-IAD, cache-fra-eddf8230041-FRA
last-modified
Fri, 01 Sep 2023 00:28:37 GMT
server
nginx
surrogate-reporting
width=400,height=267,bytes=26670,owidth=1728,oheight=903,obytes=150774
x-timer
S1702160102.724519,VS0,VE24
etag
"2e7eaf62d3f0457199fb0f6cc360f888"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 1, 1
get-action
nr-events.taboola.com/newsroom/1.0/diariosassociados-em/ 		132 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariosassociados-em/get-action?page.url=https%3A%2F%2Fwww.em.com.br%2Fhome&view.id=354423582075417131&page.template=home&page.dashboard=home&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/diariosassociados-em/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc623bea73e51d8a09bfc0e952811fe0be67e5f37b0c0393629aea4969f82e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230041-FRA
tbl-x-upstream
10.44.219.141:80
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1702160102.733040,VS0,VE11
x-cache
MISS
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
css2
fonts.googleapis.com/ Frame 24FE 		4 KB
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 21:42:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 22:15:01 GMT
css
fonts.googleapis.com/ Frame 3AAA 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 21:43:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Dec 2023 22:15:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3AAA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
9089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:43:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 3AAA 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
5558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:23 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3E11 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 21:38:26 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3AAA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
29610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:01:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3AAA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9711
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:33:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3AAA 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:15:01 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 3AAA 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5558
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 20:42:23 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 24FE 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:57:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
11834
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9231
x-xss-protection
0
server
cafe
etag
9385233705467680479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:57:47 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 24FE 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 21:17:49 GMT
x-content-type-options
nosniff
age
89832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Dec 2024 21:17:49 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 24FE 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 00:12:31 GMT
x-content-type-options
nosniff
age
79350
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 08 Dec 2024 00:12:31 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 07E5 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62101479&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-length
0
m=credential_button_library
ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.ZYtlUg6-m0E.L.W.O/am=AFKg/d=1/rs=AF0KOtWNNgsjwcKmhV2R2k2NvyfrbxPNWQ/ Frame 6C4E 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/_/gsi/_/ss/k=gsi.gsi.ZYtlUg6-m0E.L.W.O/am=AFKg/d=1/rs=AF0KOtWNNgsjwcKmhV2R2k2NvyfrbxPNWQ/m=credential_button_library
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_101456_409856&as=ZP%2FVEXg43xlDC9UmDDPeMg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 16:21:46 GMT
age
107595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1737
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 04:17:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="csi-web-eng"
vary
Accept-Encoding
report-to
{"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 16:21:46 GMT
m=credential_button_library
ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.3qPk5Hg9sQQ.O/am=AFCg/d=1/rs=AF0KOtXbYCTR2ytTGNOX2MzLyDEzUtdSiQ/ Frame 6C4E 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/_/gsi/_/js/k=gsi.gsi.de.3qPk5Hg9sQQ.O/am=AFCg/d=1/rs=AF0KOtXbYCTR2ytTGNOX2MzLyDEzUtdSiQ/m=credential_button_library
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_101456_409856&as=ZP%2FVEXg43xlDC9UmDDPeMg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e2efe30867f1ed4758d866cf4c2b45204625b02f633183c2fdb9cf422015b9e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/csi-web-eng
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 16:41:46 GMT
age
106395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39386
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 17:54:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="csi-web-eng"
vary
Accept-Encoding
report-to
{"group":"csi-web-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/csi-web-eng"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 16:41:46 GMT
notify-impression
nr-events.taboola.com/newsroom/1.0/diariosassociados-em/ 		0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/diariosassociados-em/notify-impression?page.url=https%3A%2F%2Fwww.em.com.br%2Fhome&view.id=354423582075417131&page.template=home&page.dashboard=home&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230041-FRA
tbl-x-upstream
10.45.4.241:80
date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 varnish
server
nginx
x-timer
S1702160102.733293,VS0,VE10
x-cache
MISS
access-control-allow-origin
*
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
U7MAWJlE6hZ.png
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame B6C5 		522 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/U7MAWJlE6hZ.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a8c90126cf82c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.em.com.br%252Ff24f699701a76c4%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 22:15:01 GMT
x-content-type-options
nosniff
content-md5
3AqCXDpjCzTAeVl9384gMw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
522
reporting-endpoints
x-fb-debug
OigINmoAZk3bh9c+NXy2Q0AmkvQEMkZdRCxG9+w+CapdN/v12npgCNn7HsbOyFOm9r6U/3xtN11+pcnlBiJnqw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 05:05:26 GMT
https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1699349904%2Fkv2rzcinhnyprhrl3wz7.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ 		416 KB
417 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1699349904%2Fkv2rzcinhnyprhrl3wz7.mp4
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
aba7d65f6dbda36baaa184612f1d3a08addef403fb672b098c636811bbefe7cd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
http://www.em.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=604800
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 22:15:01 GMT
age
315233
x-cache
HIT, HIT
Content-Range
bytes 0-425854/425855
server-timing
cld-akam;mitm=f;dur=47;start=2023-12-06T03:18:36.226Z;desc=miss,rtt;dur=1,content-info;desc="width=800,height=450,abps=50219,fps=25.0,du=8.48,vc=\"h264\",bytes=425855,owidth=800,oheight=450,oabps=84826,ofps=25.0,odu=8.48,ovc=\"h264\",obytes=719328,oformat=\"mp4\"",cloudinary;dur=126;start=2023-12-05T18:12:33.538Z
Content-Length
425855
x-backend-name
fastlyshield--shield_cache_iad_kiad7000105_IAD
x-served-by
cache-iad-kiad7000105-IAD, cache-fra-eddf8230041-FRA
last-modified
Tue, 07 Nov 2023 13:54:54 GMT
server
Cloudinary
x-timer
S1702160102.737569,VS0,VE3
etag
"2465db538e35a95b3b8a0d2414a6057c"
vary
/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1699349904%2Fkv2rzcinhnyprhrl3wz7.mp4
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
33, 0
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 6C4E 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/csp-report

Response headers
wdctk1JqbQ6.js
static.xx.fbcdn.net/rsrc.php/v3i5VZ4/yv/l/pt_BR/ Frame B6C5 		536 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i5VZ4/yv/l/pt_BR/wdctk1JqbQ6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/login_button.php?app_id=358950299469365&auto_logout_link=true&button_type=login_with&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a8c90126cf82c%26domain%3Dwww.em.com.br%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.em.com.br%252Ff24f699701a76c4%26relation%3Dparent.parent&container_width=0&layout=default&locale=pt_BR&login_text=&sdk=joey&size=large&use_continue_as=true&width=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
100ecf2f5c1cf553603429177cd9f39cdbab9dceeb9cb076ee40f349f99f45d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kVTjGReLEPUFLaPBcq/QHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
142669
reporting-endpoints
x-fb-debug
XUDJDhD2mHXWoLeUSVyZM/LRaYQK5elHVBZYn/MLHPbjgx0/TVHgy/NPUSb2Zr9CXpMIj8Qp8ngPt+bO5Ps3Xw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 08 Dec 2024 02:17:37 GMT
supply-feature
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/supply-feature?lti=deflated&ri=833a217faa93c7ee69383cf4726f7262&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160101_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A374.03125%2C%5C%22articleClasses%5C%22%3A%5C%22webstories%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22100%5C%22%7D%22%7D&tim=23%3A15%3A01.742&id=9716&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
trc-events.taboola.com/diariosassociados-em/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/diariosassociados-em/log/3/supply-feature?lti=deflated&ri=833a217faa93c7ee69383cf4726f7262&sd=v2_3fcc0205b7532ad88fd8b8e81f7458c7_6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64_1702160100_1702160101_CIi3jgYQ1o9BGN_bl4XFMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo1oiQ0_7gsb8xcAA&ui=6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64&pi=/home&pt=home&vi=1702160100831&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22374.03125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=23%3A15%3A01.748&id=1628&llvl=2&cv=20231207-12-RELEASE&
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:01 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:39:55 GMT
content-encoding
gzip
age
74106
x-guploader-uploadid
ABPtcPrvFvRm5ZUntEI6fuizPuymBavclKm37bmXuT_spZ8fX-flZgLWwjod2Pm-1dEL5sDus9tTumCHmw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Sun, 10 Dec 2023 01:39:55 GMT
trk
tt-10258-0.seg.t.tailtarget.com/ 		70 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-10258-0.seg.t.tailtarget.com/trk?tA=TT-10258-0&tJ=_channel:em-geral:1&tK=1702160102&tM=direct&tL=direct&tN=direct&tY=3&tZ=614136939
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
js
www.googletagmanager.com/gtag/ 		112 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b206df18a75f19c50765981f0bae30111a3e5938cc805eaa8e2b3eb942a7864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44194
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 22:15:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3E11
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:01 GMT
expires
Sat, 09 Dec 2023 22:15:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:01 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
6558.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/6558.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/869/6558.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-72.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fb11d98e1bdff89b5556445e957f666a0f587cf7d7a4594a59ae6abbe23784c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 18:52:26 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 14:08:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
28783355
etag
"5248bf0a7f3baeee972d8a24610584ba"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5844
x-amz-cf-id
3pjuJN2BoiSlHFMWRYZYmypO0Gdwl5Si45DrgKVFghDjuKslZrbEng==
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
Y67JKMS6K9CH728E
age
52
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
B33MDroMXoHRPwonNfdEh7OgYAkG+9quij2d4vHLtZt++OAYVXybtbzTWUc4srBuEnmtpxf4yE0=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1702160101.355742,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
73
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
22
u
b.t.tailtarget.com/ 		54 B
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
25b14465fdf41d6af58f04a4c012805943929f5870afbb64943f4147f3d434d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
pagead2.googlesyndication.com/bg/ Frame CB38 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
86414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19933
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:14:47 GMT
1272-1710-01.js
t.seedtag.com/t/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/1272-1710-01.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1272-1710-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0efafeb08fc479cd522b151daca0beed2ff391c3fe0fca76347ff6ce44392a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Dec 2023 22:15:01 GMT
server
cloudflare
age
0
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
83309abd3ce11e6a-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Dec 2023 22:35:01 GMT
js
www.googletagmanager.com/gtag/ 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-17658134-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PX4JSCW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ece37269861884f765309296045560a938d5a24c3f7485e0489f6bd19575c6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64860
x-xss-protection
0
last-modified
Sat, 09 Dec 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 09 Dec 2023 22:15:01 GMT
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=869&wid=6558&cb=3015.5101121442085&url=http%3A%2F%2Fwww.em.com.br%2F
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-89.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
3eba2ba27f523006ca2008d1ae7a0dd2077e67fab64caeabfb738cb0d952d26b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
x-amz-cf-id
9XKms3ypOSjbNJEzxdNAJGSKPJs43Z6nUzgZ-xPoiGt1BbezPYC_KQ==
st_1.9ecb78882f78ca3d2a57.js
t.seedtag.com/c/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_1.9ecb78882f78ca3d2a57.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1272-1710-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
156d88eeee25bdd897f676d8bfd61d10a0c847625eb80c72b1adfac9c4622e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
24501
x-guploader-uploadid
ABPtcPqTTQMCNP9f6TRuVhLsuG5evH7I-JlxdOH1gyerv2hsoeVeychkB6eRQXNmcF29ozbea-_8QmL-kg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 15:26:24 GMT
server
cloudflare
etag
W/"41a2938d03cd2b4dbe3816af851f09ec"
vary
Accept-Encoding
x-goog-generation
1701962784015076
content-type
application/javascript
x-goog-hash
crc32c=BTqbEg==, md5=QaKTjQPNK02+OBavhR8J7A==
cache-control
public, max-age=5356800
x-goog-stored-content-length
17655
cf-ray
83309abd6e489048-FRA
expires
Fri, 09 Feb 2024 22:15:01 GMT
st_0.d6f823c7fb300513519e.js
t.seedtag.com/c/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_0.d6f823c7fb300513519e.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1272-1710-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae581437d0b9d19e375e89ae8abf0d0d92807f52764548b4a967d76e7f40a40

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
24501
x-guploader-uploadid
ABPtcPrqaapZ_h9IEPTKvlCUFuS13m8sg_MATPsn0pERMF7S_BVOK-m7e9IV3N66q-T-sWSAhiYOMlQfIg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 15:26:23 GMT
server
cloudflare
etag
W/"e9ad47867050a08365bc412b0ad55dfc"
vary
Accept-Encoding
x-goog-generation
1701962783992405
content-type
application/javascript
x-goog-hash
crc32c=fnZpJg==, md5=6a1HhnBQoINlvEErCtVd/A==
cache-control
public, max-age=5356800
x-goog-stored-content-length
91244
cf-ray
83309abd6e499048-FRA
expires
Fri, 09 Feb 2024 22:15:01 GMT
st_2.1af41f26f89ab3cc64b0.js
t.seedtag.com/c/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.1af41f26f89ab3cc64b0.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1272-1710-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683810dce918116ed2946b8cbb916262b228dc4e6ef391b25c1b00ebb4dab193

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
24501
x-guploader-uploadid
ABPtcPok9Cf-rhf7Ft1bwhIimhL0bs2Yog39Aem1nHVAekWL4XuhRfp8kCez1keFCZRELM-YbgcrppEUSA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 15:26:24 GMT
server
cloudflare
etag
W/"5d87acff73864669e9ebf571ce5221fb"
vary
Accept-Encoding
x-goog-generation
1701962784620454
content-type
application/javascript
x-goog-hash
crc32c=nPL11Q==, md5=XYes/3OGRmnp6/VxzlIh+w==
cache-control
public, max-age=5356800
x-goog-stored-content-length
3857
cf-ray
83309abd6e4a9048-FRA
expires
Fri, 09 Feb 2024 22:15:01 GMT
st_3.6a72b4c295295d5914c8.js
t.seedtag.com/c/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.6a72b4c295295d5914c8.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/1272-1710-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caac6e535c3deaa4e2f98a546d095270194905528348f7776a8ac6a6491c5c93

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
24501
x-guploader-uploadid
ABPtcPqz33VzTbCrC9s4MTSUt2u9Q-FWUrQDeRKPVYRtEX3RjpyftDla95M9XW0XuqtH-F202TXgzLxldw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 15:26:24 GMT
server
cloudflare
etag
W/"8b939574bb471c48143536bc7a41f282"
vary
Accept-Encoding
x-goog-generation
1701962784414896
content-type
application/javascript
x-goog-hash
crc32c=+p5vQQ==, md5=i5OVdLtHHEgUNTa8ekHygg==
cache-control
public, max-age=5356800
x-goog-stored-content-length
12858
cf-ray
83309abd6e4c9048-FRA
expires
Fri, 09 Feb 2024 22:15:01 GMT
st
imprammp.taboola.com/ Frame D4C5 		439 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&cmcv=&pix=undefined&cb=1702160102071&uv=3364&tms=1702160102071&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=cb24ad61-4361-4840-86c1-8028184037d1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2677fc5cd01b04e26bcdac454c02708609f10b800fe91734c20d17d5bcd5c371

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Dec 2023 22:15:02 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230041-FRA
x-timer
S1702160102.083942,VS0,VE10
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&cmcv=&pix=31589837&cb=1702160102071&uv=3364&tms=1702160102071&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1702160099292.1!ts:1702160102071&mntl=1
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-length
0
server
nginx
sync
am-match.taboola.com/ Frame 8FC8 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b6a9ae184cce1b682c95f3018f7a6d6f2d9bad4960563fdf889581819014defc

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Dec 2023 22:15:02 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=322&height=181&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1702160102080&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1580&pt=383249529&tz=60&viewable=true&ddast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1008127&dpubid=194937&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.em.com.br&en=1
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d7e6f9e2fa462fbce98aeda500587f89f3243551a948f6d7225e5c9098562ee4

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1438
x-cache
MISS
x-served-by
cache-fra-eddf8230041-FRA
pragma
no-cache
server
nginx
x-timer
S1702160102.092177,VS0,VE134
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17658134-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 09 Dec 2023 21:22:30 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3152
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 09 Dec 2023 23:22:30 GMT
generic
match.adsrvr.org/track/cmf/ Frame D4C5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&cmcv=&pix=undefined&cb=1702160102071&uv=3364&tms=1702160102071&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=cb24ad61-4361-4840-86c1-8028184037d1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D4C5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&cmcv=&pix=undefined&cb=1702160102071&uv=3364&tms=1702160102071&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=cb24ad61-4361-4840-86c1-8028184037d1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13033

Redirect headers

date
Sat, 09 Dec 2023 22:15:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame D4C5 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&cmcv=&pix=undefined&cb=1702160102071&uv=3364&tms=1702160102071&abt=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=cb24ad61-4361-4840-86c1-8028184037d1&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 8FC8 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 8FC8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13033

Redirect headers

date
Sat, 09 Dec 2023 22:15:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
content-length
0
float.js
s.trvdp.com/scripts/v5.832/ 		469 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.832/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/6558.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 09:23:42 GMT
content-encoding
br
via
1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified
Sun, 15 Oct 2023 15:13:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4625481
etag
W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
UIDUiNF6fjwidE-C349okm4Ax8PZVNr8PdG_5g8pQJXXZ9Ds_s4GGA==
pv
s.seedtag.com/c/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=1272-1710-01&device=desktop&fullUrl=http%3A%2F%2Fwww.em.com.br%2F&cache=1702160102151&v=-&ft=true
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
a2ae23336358c0ae9ada9c74a7f06f2c1cef4caaf01d279b07d83c1dccd91803

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
container.html
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AB47 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:00 GMT
expires
Sun, 08 Dec 2024 22:15:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame FBFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9uEPrp8quvtQcLT1I49FPamsk3LmGB4XhicUrwBXfYjOMX7lMpzUvjM2U1zeFHpK8dgCYbxEEpKh76H-8dll3-cwTF5mhmSBvke02r7uglJ75Ai2pLwbLvXHZZj6TnKDDYQt198QpwkqWdxcUvXzLwQ4udAD90DJJCryaGVmqYCw47KpiV8AV_ppyWzcM1AYhDCFPOktEDNpXacQpl4A6UzohR12jb34fL3hgAd1elJmc0V4FMFGlQb122eEFpbY9xBBe4p-kND_TkHNFzKJevGjiEEBaLEwhVgjfwMmaQxV497F_AeyzLU6mfXkCUL7PEdZCgiPh505IHFAXASDr56g-JrSRheKd8r1fa823YkfU&sai=AMfl-YSter_qBP_u__eliVO7meIrH3hV16Nfqy78v0u3ZKJazbPcbnXf-BaYNwkRoldxG_3SFUSZiLMYB9cG7t0mpwZVCAV7C9cqmlI9_uqXQzDE22AlpzXdLSuAyl3dmsX5IM-oc8ltfmajEw&sig=Cg0ArKJSzKMuRdLsjFs1EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame FBFE 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
5559
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FBFE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
29611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:01:31 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FBFE 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:15:02 GMT
251888822588523876
tpc.googlesyndication.com/simgad/ Frame FBFE 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/251888822588523876
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d150121d68c50693e42c1d7c5762d8d3ef0f993ed16a5d7876e6bc1d5f999a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 11:21:00 GMT
x-content-type-options
nosniff
age
39242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62757
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 20:41:02 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 11:21:00 GMT
l
www.google.com/ads/measurement/ Frame FBFE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrwpJYjyWQ2lGrlvRHu44bqxZh1UjZU9RWvojwJFtNSCdbcIfXlzf5cYIJc35l7Stc7tKW8TjQt0tht0cUkcgmaVmctA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
container.html
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA80 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:00 GMT
expires
Sun, 08 Dec 2024 22:15:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 80B4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 22:15:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
b
b.t.tailtarget.com/ 		92 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10258-0&tY=1&tS=4&tU=0100007FE5E6746575062F080204AD1A&tX=b.52&tZ=530773811
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
1fa42b7ea91ab8d00859b62d4bfca986a76d98330fc69f46a39e72ebb0915b80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame FBFE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14f369fa6a0f601c4630028be30319486272d3426e17ba7ff54ebc487769706b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 06EB 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNXwjKvoimbpynMlX8yDzv-AmxPM_i_Lwed91CTVF4hWxRftKBsYYy0DsRgq_fAg6cUDBWVQuiUZqVyyRTRMa4dPfBsvRIPfVC12B9sVaTnc4GskGrXBzYIwHQQc6Tw9b3FPvpcnxXrnspREf9g2IEV1dFTnZ53daybgEhDFLYi2rKqoiqA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AB47 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:15:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB47 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7RE0y3lYQGrSwLi322xYsuKaHcmMreTCfya9oJ6CDQ_Q7SjfBE14AW8ZRNgt6U7mQN-mkrooUrF_vqvYE_yjCdSKfoD-fyBi9oGgL0s1oSbdFuXs
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AB47 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
29611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:01:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame AB47 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame AB47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHPDANIU69wrnzoZKMZS7TjhIOZYRvbFB4U7WdqUonGXRfkvDpk5kA_DSpbL4pivpBtpfIIEOFEA4VEWHIJ3DuELEKOw
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AB47 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:15:02 GMT
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-meta-mtime
1701778998
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26TJTXHVDRTFD2ZP
age
381043
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701778999
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
D11YbJi7BRcJBmEOxhI/5KpihneAZ2wXjDQzD2lk9UUfX0wV6fcwM7b5WSiK+K4/3Xq6QPtdbAE=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Tue, 05 Dec 2023 12:23:20 GMT
server
AmazonS3-br
x-timer
S1702160102.255576,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
400129
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/33_6_4/infra/ 		494 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
065547f6dec7e9fb8db83c9d9bdacdd0376f147bfdfdabbc3dffa8246a1a4b96

Request headers

Referer
http://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-meta-mtime
1701778960
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26TJFNZAFVZW77W7
age
381043
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701778961
x-amz-meta-mode
33188
content-length
107309
x-amz-id-2
f0kXiFeZlCsFKa4kSuNC2cvhJAcMzUSapBVQOeXmmIjiKcdbWjezIgv1OmQRKyhWTJn9GEUAStY=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Tue, 05 Dec 2023 12:22:42 GMT
server
AmazonS3-br
x-timer
S1702160102.255550,VS0,VE0
etag
"f75d72d05a2c6ea0b2078a654cc805ac"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
29746
usync.js
eus.rubiconproject.com/ Frame 80B4 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 22:15:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15128
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:27:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A950 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNWC_KmeeUwOW7_tTd5TOuBQe6LQlhslSdjCV4zOp2dXoqBzVCOZWteGpOaIseHOQ_G2ZmCFaPrYoT34VDNELfpgiZdO1abaNKkB7PBRJ5LmXAXTx9heiJOwdgxENfxNFh8xu4hPMWRiM-EyxLr8zISHXKqNud6H88nb0QVaxn9DL7dl_A0
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FA80 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:15:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA80 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZSGQroTH4QnIi_eMTmQeJzK44iSbEoZYdI70-lNmRYWxfOR7yAujs7abxADzXJPr6uqj12PpV56-5TN4ddzPbLWT1L6yPOJWumPV9nfgp7p9Iey4
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FA80 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:01:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
29611
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:01:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame FA80 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:33:10 GMT
l
www.google.com/ads/measurement/ Frame FA80 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrDiuJzfTmV2SRr6a0zlMUWXiEVUvhgpNhIzJbOpyRto1EQ9Lh_pWZuiOWLbcE78NuEGv-1Yck2OQnwgyrDKmWE3TNNw
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FA80 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:15:02 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128901
x-xss-protection
0
expires
Sat, 09 Dec 2023 22:15:02 GMT
pixel.gif
p.trvdp.com/ 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqnsj7fubFse7TfUsSv3ZpaE05MG5WynEw1IlZcXXYb3nVzjPtDNSwKvo1SWDrkNq78CPWKcgwzCBCCB8ZvHdeWScm1q7ZBWK2Aou9X45pDVboyv7ZwpAYeC2qLawbizi7WsLvuOQHnwkm+8IjnjDGXpXIkGSIPmqogmBD3kErXaVdsKyxMcBAwV/1VP+m9mVD6nELsHX6hBJif7dUdTISVuVvN1PuDFdoyZT5OMUEpqwXeOtPIHshy/y8hrDZ2DWas=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
nginx/1.6.2
view
securepubads.g.doubleclick.net/pcs/ Frame FBFE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu92d0agZJebA1g0Af_HInR-QVOZ5nk9HL6X97q6pFkr-3mXOemY-Cgglenk54kmGXmQm8RlFEl3ADyV2Fyj-mcV0lNTxc7gIPWAqySWQ0yFp1zBCxXbtTO42qEh1BW-CLOR8kBROqwUaPHuy5RPOih8a0sBAy6SBYuQXme-n12qiFTqaC7IBTVoiUsB6IPfDUF8i44IyGzScvAD0ji_FXvFvdG1fz1-q_KEnSAw89HmGWrXCoLZfA_BE3MdnM9-DZ7U4g3PpNVthEiOEdQCr3pLthXCyuxs8F3NkP2M9lMvrYDsh7K5wpLKTAjcFO9HnxEzu2ACdhbd6ujexob1DFiauS5fSx7&sai=AMfl-YRyTHA1ffJLIQnHJwKaR4dvAcGK79Nr7q0R29eFP-UQwDy1U218SbWEmxnO4jWY8xRPsd65POeoyikqvIRX0pdP-Sv6wE-OW2Ckph5-zF46K3_zjsVy6EOASz8DfZupHNh7bxzz9JW1Iw&sig=Cg0ArKJSzDo_RfjeVvT2EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 09 Dec 2023 22:15:02 GMT
rum
dsum-sec.casalemedia.com/ Frame 06EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNXwjKvoimbpynMlX8yDzv-AmxPM_i_Lwed91CTVF4hWxRftKBsYYy0DsRgq_fAg6cUDBWVQuiUZqVyyRTRMa4dPfBsvRIPfVC12B9sVaTnc4GskGrXBzYIwHQQc6Tw9b3FPvpcnxXrnspREf9g2IEV1dFTnZ53daybgEhDFLYi2rKqoiqA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpFsS39cdDZTZvdGIn4yVWs7WRe0SWmLXPZL6tRT0SZuw8rIojjsVI%2FFTsnQ0vLW00UWAlBtXDQzcyQhiChiYBC%2BKkQR1KpVDp88RPxfjhFVnneVM2f5XnrY5AXC3UPhCnlJLqbRKq%2FWsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83309abfd9841c40-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 06EB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTm5Ym9aQ6m3Zi9HbN76QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNXwjKvoimbpynMlX8yDzv-AmxPM_i_Lwed91CTVF4hWxRftKBsYYy0DsRgq_fAg6cUDBWVQuiUZqVyyRTRMa4dPfBsvRIPfVC12B9sVaTnc4GskGrXBzYIwHQQc6Tw9b3FPvpcnxXrnspREf9g2IEV1dFTnZ53daybgEhDFLYi2rKqoiqA
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxtK0icDDuTKTAbMTk%2BwEbzy3ojGyYkX4t54H4Vs1jtuOSFfcfdXI27Nj2SMaksVXKhp50bGDWD%2FIFDz3H1Hq2xp8AFRcHR07eS5xTDdQTMKIQ3llTM11QjoiTUnAMJgqgNjpinV6PRk5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83309ac04a081c40-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ6pnD0WwTFhje_YUSvgZxQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 06EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECffIoGTPDLgCKjWmiK9F-I&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECffIoGTPDLgCKjWmiK9F-I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNXwjKvoimbpynMlX8yDzv-AmxPM_i_Lwed91CTVF4hWxRftKBsYYy0DsRgq_fAg6cUDBWVQuiUZqVyyRTRMa4dPfBsvRIPfVC12B9sVaTnc4GskGrXBzYIwHQQc6Tw9b3FPvpcnxXrnspREf9g2IEV1dFTnZ53daybgEhDFLYi2rKqoiqA
Protocol
H2
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
an-x-request-uuid
3807de97-e9d5-4185-830d-c3d2f1ceedf7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.199; 80.255.10.199; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECffIoGTPDLgCKjWmiK9F-I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06EB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNXwjKvoimbpynMlX8yDzv-AmxPM_i_Lwed91CTVF4hWxRftKBsYYy0DsRgq_fAg6cUDBWVQuiUZqVyyRTRMa4dPfBsvRIPfVC12B9sVaTnc4GskGrXBzYIwHQQc6Tw9b3FPvpcnxXrnspREf9g2IEV1dFTnZ53daybgEhDFLYi2rKqoiqA
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
an-x-request-uuid
e3704f5d-aefc-4f96-b99b-44a836a3c33f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4
x-proxy-origin
80.255.10.199; 80.255.10.199; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A950
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPQ41he-MRD7N0MvIs5Tujg&google_cver=1
43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPQ41he-MRD7N0MvIs5Tujg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNWC_KmeeUwOW7_tTd5TOuBQe6LQlhslSdjCV4zOp2dXoqBzVCOZWteGpOaIseHOQ_G2ZmCFaPrYoT34VDNELfpgiZdO1abaNKkB7PBRJ5LmXAXTx9heiJOwdgxENfxNFh8xu4hPMWRiM-EyxLr8zISHXKqNud6H88nb0QVaxn9DL7dl_A0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPQ41he-MRD7N0MvIs5Tujg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A950 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNWC_KmeeUwOW7_tTd5TOuBQe6LQlhslSdjCV4zOp2dXoqBzVCOZWteGpOaIseHOQ_G2ZmCFaPrYoT34VDNELfpgiZdO1abaNKkB7PBRJ5LmXAXTx9heiJOwdgxENfxNFh8xu4hPMWRiM-EyxLr8zISHXKqNud6H88nb0QVaxn9DL7dl_A0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A950
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEB6rNW_EnVgbN84Inb5zzP4&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEB6rNW_EnVgbN84Inb5zzP4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNWC_KmeeUwOW7_tTd5TOuBQe6LQlhslSdjCV4zOp2dXoqBzVCOZWteGpOaIseHOQ_G2ZmCFaPrYoT34VDNELfpgiZdO1abaNKkB7PBRJ5LmXAXTx9heiJOwdgxENfxNFh8xu4hPMWRiM-EyxLr8zISHXKqNud6H88nb0QVaxn9DL7dl_A0
Protocol
H2
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 22:15:02 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEB6rNW_EnVgbN84Inb5zzP4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A950 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiL3_QBMAE&v=APEucNWC_KmeeUwOW7_tTd5TOuBQe6LQlhslSdjCV4zOp2dXoqBzVCOZWteGpOaIseHOQ_G2ZmCFaPrYoT34VDNELfpgiZdO1abaNKkB7PBRJ5LmXAXTx9heiJOwdgxENfxNFh8xu4hPMWRiM-EyxLr8zISHXKqNud6H88nb0QVaxn9DL7dl_A0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 22:15:02 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
khaos.json
token.rubiconproject.com/ Frame 80B4 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB47 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5253653239406&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB47 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5253653239406&version=m202309260101&ct=76&x=1&cor=1326240916652174600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AB47 		110 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3HoFqK27T6CRj9h4FwNLX3Rheatol2nY8fqX_YJ6w2nGR_G3qCZLfuqlhFW90mudiO4QNVS2_rACjqAt_zp-YNOvSvsPQeFhAA3tioBckk-y-6QeZibeFS-810VgEPljfjyC712foglILVL4u_PGzJFpkodVk6gBBxLbZ_T_t3_ZLUPc&dbm_d=AKAmf-C9ZAv1nPASXuXYzzsMMJuM-41XHneyli1GXcmTzBKw2UT2m7Zcf897toAoPLNwMMO_NZwYW7AuqhWtAmpShmLH4iEtsuO3eVJdlNCEzHzfPuYXivvEVvKmELPqXPvayekmgBsoKQ4nRwSIMLF83qiWhyNiqnl60pN1XYfnv2IQ-mpO1C4nMgtzxJuDaXWqbFxXu0aywhE-tHeWceIFWft8ovXgnPToABfJTqL-IXfrWvd5uJVNeauhODQ3v5N1ggAzu7-qBgq3a1vDnByHhJur9wPxle5jOzZgB_ow0Csy_nkJSRPMkA9zLaqrGRE8ZbtqlMU1kkQjMnd4ZYxa-ikFIaEUMe47klV4Wcvk-YrHUGeBnlCMOhS4MhxwM7DJPiMJfSTRgTmbzEk0QGfsxU4ZuZOthx2ePVpA_jL3iVSCteawGp8lvUw3zISl1pABsyPNUpd6p7QbP7RmApBZFyyPq-3TUVMkroT6iWgYNJe-CyQZIbqbM3q6KjgMJo6JpBbkuX7-hrZp95pTtyQF_aFjAozYYHfm1_1m_zUA1SGuJY36bbC9s0vRQNjivFfeYLot4FpgjlRKnKXY6xwgGiLFfxuPv_VB2128ACPZ_ubBrXDIjI4xffaTg0HILEi5drw0iRcTKsx6FCzw_Tnlp2Wnxvkt4YxHxmOXe_ZNCt4-bwFt-ot-QimwQHmcnSwt1WIyaNWgWWeNrbtDphTzVjvL5q6oycuJTKfXznwDcDktOge1EtjXCo2c5z9mcPY7eX-w7jtLtN_t6YjvfbrXf8ogBsgPhCQpHBo-x2WUx6rDcjq2vQsZ-0Ep8akygUMf3TGrJosTzEIxNLA5o0t7vXs4sSTheuQPcOhi029Nq7wnLwXYdceVkVJFoF3wNezSQ6rlXni90d3-zNlshLFm4R77lbY1BkOxHWai9lD4z0ro7k-tOwf0uOoMMAssxzVqDrPPBrDg396UAcZCDtC9IfoyG5ecwIfnK_1uc2bp8GMWWuZ6DqXRdvZHxWiwJdtQS9QQtOzOT-w0m-nkf7L0sgT4IVa8_YuyXFlXum9q61qm9olPi0yCt4TwzJ-pAho6apfDROfGYb1i2jxU8Op-YqpYLWu6sbu6SbFbg5sjzl5iFq2aOogaFJOzqAiaML_UkA6DE3tQLwjWaYA8kPQQFEvDglZ7HZFcgcisj8WWMBHkdgSAofwlncPV8Eq7si43HAxuWJnn-8kd_MM5_h4ogCjHlZi7L0TMx5CJ7u6JtmQk4Vti0R4i1Smscwrae23J7Sbtwn6SxXTYGUYggEtD8KCU7rQk86z1Vc3IbtIYUddr3a_XC4TrHNDJKX0kh6SHqpJGev49SYU_dbAVLtC7PN-rfAHCXctIYS3ovkDUUJX1g5bpLXq6xtjsfoqRlnLsDu1b7Euvjo_cKQCpdZ7BS2zZW8opcN0uEdqQLz0jmwpWyDFCLtSIjVqAWZ6bar_bCyaKuy1RNm_SgO-b0dF_X8tBAJ2mPGXxiorT5xzJi3LS5CF0Dqwyk2eRgH-vtOQrl8-bvIrNL1kV_G2i22dUIY23T-e3ocVMVtIzVjjxY6gOYNLIQ9XaLcbYgeMWJmvP1zAFCQTDkVvI_UgZP1jiyHiw0Pp64uCqmIRX4SRyLEsw2s0r0eMyGQUAgTG6jpQPG1yWNlmaJ2u85odEOrr8zagD8vuP8FIqKOl0du3YCdAPzSfQlZjk4pxWfdJdj16lVCZttdYk3dordUAYjiRRtV5q1aPsI0JUOLECxPbQWEilQwZ_Vv-FPP6aOuU01ieTHPZaZnSHWm6A4nOg-36Rtx-_MJEXXcZluHaDdfaYTGS2Urk8xD7LZrNIBn0bgtGSx6o4J_WNQU1U3mOFQ0xB1jruIFRfrYWgi81YvbzrMtHfjWnhnRdG2R5so8VUTGAVW_yhFuNqBG9Q95JOnMi8AXSg8rWygwalE52onyiE3XHt8v84nbtIr505ekhdoCZ6ER5Ff8-n3eMljWYD8r_uA3hZ_u0h4TPPXmDGMWOcEDOrrEENKcnj1thJaVm4EjBd03OZbaNDnYWqIa32mUUoxln6f1Iw_RE-5JNv0TsToHruaUurpFLHdU-Gwpwh8Lp_VHAeOQngbqMbvQHYC_I_-Rzb6DdpPKvRforhZYkXNfJnHPmxrEGeScu-mEe5Ny40g0mpTwMjd24IMmVOd3SaZbuA-A7gtZK3iVu8dWqCPisOq7-3qhYXv304CiON0QqaDNvXNbG0QbwYhBZA1IzIJNuOu03odB5nIaqme7yDD5HVHe45xvJgOkfaAR3yU3U_vO2URXmDJQkikd0MkdgLh6XTF-6Jj978tvSrihjO9jpjKgg363XotPh3-4ni5FUpzpQegfkKjgsNKwuJcqeM0BhYO5hY-U-2UFmA8po0Uiuqaz5lw37Yo6RJ5iHWT_K07JCmWziZDXP4RxSIexXCarYUk7kjywinh2rVU1twlUUCi-usEBOVe856phN2YivKbKIw8vjL4pvTPipCnVn-UrsWQSXcWW8qt7MxBVJv8fjphub5rY6TOPm7fJw9yMIHPM_xwlu7Mw6OMUohsUfZzl4CYPPH9WjK_qGbCCA24OPsw6Iyk-080v6ZY5XcyaqWwJXmWOB1kx368VuhytZ2cf9kz-YDW6oFr8rpL_dZuomQt_wAbzDusV74HwShJpGCrBMB3xo7HYe6saICFdOET0UzGFze4D7tI3-89VzrJoD5oZCWIvEvQ06kEpWbjwyRPv6tXGbz1IKET4SMDsPC9ywvprq8gNRx1w3JgCjK1guhQd9u0h9WS-n34U1SGS5fT_waHykDuXPpf6CEAJIhupAJAQDpDosLALWBOfISiD81FPrF5SEzivDDvxIq6SiaJtKgjZjkNW1diwMc0PwGwKBwDusLH9dFgyOSnnYP3FACfgCDJdVybryUtkBS7NlcTNcGp59qn35hxihfRPRQDTBsYeuDAEXWJJzg4eeTDI9_O6TwvXvWoYIqYaV2X7pnj2R4BuGm88HrZouZRQF9h7N9xkmklni4xfecB2U6LzKmhGHihHdtslXBaEpxAZ-7DXYpv9dSA6WYaDY7ZM1Ale8pXlnSER0LWx5m6f29nQyr46z9qXRIw9C6fgAxzOLczQAyNe6mblAeVSOwnPiOJs2iMSGmqYzsqN2wxwCbhandC7edQ0pvKJBrcEIcujfui0xx-0jW_iGg_AOrl_4kjMPPDP1gtHtES2JB7CavYpC1NeqTEtWzHcvJ3uL26aszdG9zzL4Rb0wYkjmxzyiAd8yZuRXkZy_4lhCsP_cYarjGFeQ8AC8NvXYTFi81XcrAKLR0uwPB9Gw2dRYHg2rWWiiHyCc2ZXWf_MTZh5y_nfZy1keuBnRVl80qWnZjCysttq-vkKBknMtUBho5QhvFmAzZ3V8yc4_xkAfZq3aihHs5dDDzSP5cG9i5dHjJ9jPbqWDoxK4r4DpHol6J38YUW5FQy0l7ohqowFDsBGf2hBeDBoU_38jXMuuLkRq0hLZEJVEob_jRpmZ4usP3mZZ-Ziy8gqTnbJ6SS0uRu-PZ6I3zeGKYlgHwVwtE_pNbYpZaji3HeVJ9NKDYxfogP2sa_e3J0pTGNbfTjo84oIkEoxvTEQhLgW7FiJdzTgjjDyUmHUFlKvSfM4Mr9D2DzrmTvMDGQky5khgkFfKntRIlMqZDcY9qksBdRXdUFDf3Yzh3ubWBvunYSeaSoivlEDQiMG7CGVRwTJ0DQtYLLK0mgvewYdbJlsKG_do3VbLLNWwuG51gJQy4MEw4nPkKxQTRXIDkdEkkuCgoGSxDNrC7Da45ksusR8VzgSySVu7CWSWqx-R8bx3GtS2BZHr7YgctIG8e5zMkMraC2HgKqvve5VODLZoZdofX7gWAQNBN2D82CFBhzvEV7sQZJmNVmE4nxZBx9JSnrA&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=1326240916652174600&adk=2004672171&idt=99&cac=0&dtd=45
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce30fd214bd6c8cb11fa3f559ffecb0eed2eab3edfa803a791280f90c7088a03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42352
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
am-match.taboola.com/ Frame 78F9 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
16b1da52f88c204a656c316f84a12b12b02813a645e93355777062f25353f977

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 09 Dec 2023 22:15:02 GMT
machineid
3402
server
nginx
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.0/ 		430 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.0/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f3e15c8c652037a48cdfd166c79433f19ccedbf4d660770128a4ed2f3f4ce64f

Request headers

Referer
http://www.em.com.br/
Origin
http://www.em.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-meta-mtime
1701937093
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
DY8CW7P33VNXSE6D
age
222967
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701937106
x-amz-meta-mode
33188
content-length
82572
x-amz-id-2
JbgQzGIYRfx90kHdOwkvo5KHzkd468BcjYAjUXE5qrsgRA9pH2f8tVfFQ/C787DyAEmsgM16AR0=
x-served-by
cache-fra-etou8220090-FRA
last-modified
Thu, 07 Dec 2023 08:18:27 GMT
server
AmazonS3-br
x-timer
S1702160102.499858,VS0,VE0
etag
"17b4a4e13dee57aa61a6da79cb58624c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
81971
ca
tt-10258-0.seg.t.tailtarget.com/ 		61 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10258-0.seg.t.tailtarget.com/ca?tZ=113554318
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
3d5bdf172eb6e52b44abed14adf9b0ce5ffcf6fc5a32d174d8880407c9801480

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
http://www.em.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
2951193
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1702160103.532425,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
304699
generic
match.adsrvr.org/track/cmf/ Frame 78F9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 78F9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18843

Redirect headers

date
Sat, 09 Dec 2023 22:15:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-rE84rJhE2oQshlt3WUhM7HnHQwr7zbuqCbKI9w--~A
content-length
0
sync
x.bidswitch.net/ Frame 78F9 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.82.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA80 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3527801881658&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA80 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3527801881658&version=m202309260101&ct=76&x=1&cor=8962062580978825000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FA80 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpcpxfh8GvMM6zSJ4osJuN0nEP9-eJ34LURlPw6mzgwzfFRW5louN5AuidsTKOgk9GnHDKTzi9LUOzGdbSAv471QSJhWCvfGA3r1oCLbD1RVsMhMcEGEFV_cvMq9OIWxtqIeMlNL5COSWBJm0r65rOsOgxj1rviFdhVMZDpiWH8WRb3fY&dbm_d=AKAmf-B9CEY1N-YUMTSL_oYA4ff6tcLe9T9OATDt8_ULjXOPcW_VEwjcgst_gWJyXlLk8kFzhEQ8U4cczc0q8rhXan3ttW7HmRDEDV8KnsBlR7w_OpBLIul8Ux-ekqxk7JQRCG5BDofwaG4FHXgseAQcSNnfrxT-Sxv4tR81nQkzj4mGNGvIkeGR4lLe74atqbG-AhXGjEA4z1SWEGE5llUB3Xx9N2SBQm1jdPLvNV1RxoxYEHdN8mKupjQ8vjFL4JaP6-vC4Y83rRavEMODQatPHuLKdBbZ7ZWGXFQe2Av7_k4I3al8IM4zupFW3SZOcXZFi0SpxQ0vtFWSOz3tzqD1m15OHVUevPtkKSlrr3HfXfBAsQiwpP-_cN-g_NYr1WRdjXExMir4u6NUhfAnu088ibTwcjhgyz5eHln_u7cR0SrYL8mhP5wuizBP6MedaPcrBkkiyQIX8TY7sO-sBOnU8JWdCANbMljO_Wx_i1T53Hh31pmZnkfS16uC0UX7gU38AMCd4DMNgXjvCjKKcDcSDlnIHICdZUCr1vCnFJz4RF0mpNfymw7z0y-PFHbKxpIb7SodpMVQTFRExWPkl8dIYtq6LtlOGFnD1PkdRwdHp8JBu3twhO4K7vLBC0SZXIGybTOilfBGGhAF7gXZ6sLYXUjqtIcwSbzZ4hy4wpfIZMhd-s2IUIhCn3A6dkW0EFBeKisNPfyVWmk4eRotSAc4uzeXo7C7DyvmLBSh1lmoLHUBbzfwtf219Oedx3nQi4UfqYDj7Cb2d9lY7157K36P92lrvFc4-tccIJNli_5a-6gzGKPGo_W1RE0LA-zESDncSgexZ8JeSTpIeBiS_iCJ4WwPsEC0eLM_WF2qBuXQCUFWQIegOcUWpgioQCiUA4z97sF9aWUsrX0ed8-T0E7MZ7lXgo3oQ95W39x6OqxA5arm3qyup7iGvruIJwKHo9f5GoZalbb5CDIYiGF91RkbJwWiAPEQq4QdsHucp5YUhgfzJlRcQlt_MgcQpm3SCZkh2Nv7HQZlj2z-ipbECfJRuHIaIee2MzstWv4ngjnnVZrDqLh8zXfXMW2K-VOeXZBxIqvwNq5xnqsorscKqMT93hs2HbgSGUESOrstlWrWmZcQJV3APOc211ez5Zvo5VPuXWu-bS-8QEH4MnKaMw8H3nq9--U5i3kd2g7_4G7e8y7ctwTTwz1ODvSEDKr9vGM3nwsSbrVMJwTMX8MMsHwNc-JTAk3SeVx9aV-v-ITjcOogssZQnBlflpnT7pLfU6H3IXSRNI-XiVjM2Bmcvf5xGhEg-Ruyub8AaO7V_cf4s5djvuOCsgwPIzgxaT0hD7CcBUiNYhOQxtlZMF2hvEYmZua0joWd1eZGZWJ02AVbPd0BgAB3R_w8EJXQEj8_IwIluqs5019pucTko4rPJPZqaebJ2y--1bag0gIRXjCFptQQskdnV8A8Y2DQURz7zcCIY1VfDwng0JTmXTrVbqx53MzD8m2HbKb55Y4x02dLVYUIJucsiu0T5e2BBY_91ar7VvsPIfjRWEo8B0zhtev_2naw--h-a-R2jUZ0J08_qmriyzCjC7FrYFK3_ZvzK1D_R-CVycX8BgYp_hyjUw7F92Ie6uzU5wxL2noSoAM0UayhMPGxsxhmiS1avL7sQA_pFSn2QDE248Joxu4ZdX-WsQeJRms1SgjReikTYKDcSC8R7ToWvU3UTqxwvpvuIohGZa_nhkzQZyqahBaPLA8vkh6vOjqRz3k5ZVgw1sGPOkKOPFwRTu2psgQG75otmQWjUgAOacgdpbdEeLBX68RGWsW-9HBDgipLxQbdCMgt-Q_EppcgiFuU4zUPTZgmrmAtZUBX8yEpXPEO-UhCd-H_FL4UgTBs6LPE5aMbvV-X_NJ4DJKk0cSOLY1BDr6qgmOugJ8sB7BuRk9lCUM19h41w3xkm1qDZvF6OkPR4EV2AlqGU4bkUIm8RXH69C0sk72GOC_4cYd4W_PCNJFZTrNOP1xUy0Gn67VrUPNg6ke9M4rb-zIKpijE900GKnvKa17G2VVDJfnrjoaxxT1HKiXxhSLiM7AILCcblqFvCApr4jyBpFQeq8fQRKrj8a7LcU-WhCD4EzYvimQ8CJV0m6n__tmAhiiy8goYh_GKwnpfzGd3yGJD9imeXbDZHCC31xoZg0HGkp-6dtidk2gEC5EmV-fYa-fV07YZpkmzN5PKILr5f7bQFGTAPx94Dm8RlLtyKzYS_vSgECLdk5UV0XQzuJMlZhmcyEt4OMvCX9aiRfqmv1vysAQ8IYKoaKRVHCrC2jUffayBiHOrVtSgQhdgw7IxqY_t5TwtRywybsfvPeUPcRm2mlt7YQ0i_DT_6ldDXBg8jXfVnOZCPTvgScfr3yvv-KKxxmYKLSUajYMnsgPdWPlKdeLZkiIz5og0bskFxiPz3UuolBoSrVQbRpaTxmSB90I46T3IsWnFTpPCFcYss-cXxekVZCUttboSu1nj8PfthW-cIjhVPJJmLnXH5-Oh5o0IQ26YVGLPKbLGUB1Wngzy6Snqm5su-iG9u09PWKYrvWxsKWBNovTXjPzMvemgSffmGBmQ9UOuSt51IBPqCKv4MxlnoX0_U8Asdkj2wfV-XhqYV52jmprf8IsqpCfmNRl6Xm7o9EyxaMK4lNdEmVR09LtOA9bKl6VW720hOGJ-JHKpLm7xpvYQGIpLXh8sqDjteFdCc9G3eFDC6rOoIBDrM2qtM9cwsx5zyzrrdXkOSl238f50ZD9ZXaXYqMxypPUfqiAI0sVcOPF-lh7HlddhvT1_Bav09ZiWCFy28wEs9EagIdZ2NmhvINC8ciO7NleYxMj3380X67zYEOPcmhJlj_SnItItoRLQ4cKh9UMel9P2c5wr4VXu-6bfvEF2mKJWFAyAGddUfo9d5ZREjUPV-wVkAGpWuPRl7XXxc1ouQi4318JebINup2_W_3bzDln6BFdTJsKk2_IatarbMxkieilG7gn1ghH6lhl0AmP-TM7aoYu_XfjU6HaaV1IqBRWZGukdBpvEXuU7wO-uZWeq39CHTwJix8EGI-KG5zMmJ7lAZ9OKoOjnW70yd4NMrMKwt3w3uwK97qxRAuyPtxDaTmvgP97ivF6XOwfzVSubVA6LGHN6qdh40OiNet61YsuXs7X2COSXBjELRi0mF9440Pw2yF3bJI4pGqIg9sg4syl_-lFR5R4NIPxO6kUyoCnWxC3-XADvXM46jcdQdEFwTIfFKFXkuAK0DqP8JxG9sjXq0D1q-gDfVbsNEsZW8leV0zBxU_yEjSCqi31hTYfneXFGuaNWwJOl5M12kMY7cFDwhK1PsPiRilRtzrqAh30q5nBWboPgwjUQ_YylHz7s5gg-wjQdHK4QzExxm1dttNPnf7s3k9BhGwda7TmfWKPrCoNR5n-rc-CbGED5DYhDDRCf0gQoiyA1WzQ7kdj61ASxRx4VmE4CRl6m0Ar9IjUQuoe4tgiK0LUgS4vwaBctKxCYdo7gYM1Mb57ltpQp_Mdvs_5XgIYeZalslt1xN1099zwf3CEqR1vEa77PGSvbreYCqIQaEiYtDflaQPXgY8-A5Li3ecb5Hvn_rJyHhmnKQnjiPjjOUBwPzeHMdgcndZZMizlToq5DFnxPssDbQ8Acu11tHzQfSTwvTmcGqx4zHhDakL8FpikR3b8lrEXCnzr7Nq6VZPG9dQHEnzvbiHDfxQxxeV-kBxub7famaz_3URi3YqlgefA97Gyr5yL7BEez8Ei4WX9T-7_qPhZXMyI7D5gF5JkRDdg9ZstOR7bwb68GqwW6ArVPO7ixJCxxIvyv9liKoqC8_zZMJjKZ4wpjDTAZNCk1qNOJrXvMfG37aI4Z6_oqiZlEuvU1kZ5IqMkQYAf_SALK5MBHo5ByBVubHYTXFVdSG54H58W2IfKy3e1YN9ZyLKdALhA3mSYLZBY&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=8962062580978825000&adk=3661671306&idt=174&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90e6acca4da0f2b5af47b18d98ac4f1addb4cf28ac7964dfe1f160ec0549b38e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42509
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/diariosassociados-em/log/3/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/diariosassociados-em/log/3/bulk?tvi2=10408&tvi48=10637&tvi50=9058&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7430
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230041-FRA
pragma
no-cache
server
nginx
x-timer
S1702160103.548265,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523880/ Frame AB47 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523880/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20492285957&bidurl=http://www.em.com.br/&ias_dealId=&xsId=ABAjH0g2tYdpgUXWq1A4QZ1awDyz&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0g2tYdpgUXWq1A4QZ1awDyz
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.4.160 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-4-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9715d07dab2c950a54ddf985dad8855377362b8f85f9f01b79da760a0bb4a559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame AB47 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Origin
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:46:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame AB47 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3HoFqK27T6CRj9h4FwNLX3Rheatol2nY8fqX_YJ6w2nGR_G3qCZLfuqlhFW90mudiO4QNVS2_rACjqAt_zp-YNOvSvsPQeFhAA3tioBckk-y-6QeZibeFS-810VgEPljfjyC712foglILVL4u_PGzJFpkodVk6gBBxLbZ_T_t3_ZLUPc&dbm_d=AKAmf-C9ZAv1nPASXuXYzzsMMJuM-41XHneyli1GXcmTzBKw2UT2m7Zcf897toAoPLNwMMO_NZwYW7AuqhWtAmpShmLH4iEtsuO3eVJdlNCEzHzfPuYXivvEVvKmELPqXPvayekmgBsoKQ4nRwSIMLF83qiWhyNiqnl60pN1XYfnv2IQ-mpO1C4nMgtzxJuDaXWqbFxXu0aywhE-tHeWceIFWft8ovXgnPToABfJTqL-IXfrWvd5uJVNeauhODQ3v5N1ggAzu7-qBgq3a1vDnByHhJur9wPxle5jOzZgB_ow0Csy_nkJSRPMkA9zLaqrGRE8ZbtqlMU1kkQjMnd4ZYxa-ikFIaEUMe47klV4Wcvk-YrHUGeBnlCMOhS4MhxwM7DJPiMJfSTRgTmbzEk0QGfsxU4ZuZOthx2ePVpA_jL3iVSCteawGp8lvUw3zISl1pABsyPNUpd6p7QbP7RmApBZFyyPq-3TUVMkroT6iWgYNJe-CyQZIbqbM3q6KjgMJo6JpBbkuX7-hrZp95pTtyQF_aFjAozYYHfm1_1m_zUA1SGuJY36bbC9s0vRQNjivFfeYLot4FpgjlRKnKXY6xwgGiLFfxuPv_VB2128ACPZ_ubBrXDIjI4xffaTg0HILEi5drw0iRcTKsx6FCzw_Tnlp2Wnxvkt4YxHxmOXe_ZNCt4-bwFt-ot-QimwQHmcnSwt1WIyaNWgWWeNrbtDphTzVjvL5q6oycuJTKfXznwDcDktOge1EtjXCo2c5z9mcPY7eX-w7jtLtN_t6YjvfbrXf8ogBsgPhCQpHBo-x2WUx6rDcjq2vQsZ-0Ep8akygUMf3TGrJosTzEIxNLA5o0t7vXs4sSTheuQPcOhi029Nq7wnLwXYdceVkVJFoF3wNezSQ6rlXni90d3-zNlshLFm4R77lbY1BkOxHWai9lD4z0ro7k-tOwf0uOoMMAssxzVqDrPPBrDg396UAcZCDtC9IfoyG5ecwIfnK_1uc2bp8GMWWuZ6DqXRdvZHxWiwJdtQS9QQtOzOT-w0m-nkf7L0sgT4IVa8_YuyXFlXum9q61qm9olPi0yCt4TwzJ-pAho6apfDROfGYb1i2jxU8Op-YqpYLWu6sbu6SbFbg5sjzl5iFq2aOogaFJOzqAiaML_UkA6DE3tQLwjWaYA8kPQQFEvDglZ7HZFcgcisj8WWMBHkdgSAofwlncPV8Eq7si43HAxuWJnn-8kd_MM5_h4ogCjHlZi7L0TMx5CJ7u6JtmQk4Vti0R4i1Smscwrae23J7Sbtwn6SxXTYGUYggEtD8KCU7rQk86z1Vc3IbtIYUddr3a_XC4TrHNDJKX0kh6SHqpJGev49SYU_dbAVLtC7PN-rfAHCXctIYS3ovkDUUJX1g5bpLXq6xtjsfoqRlnLsDu1b7Euvjo_cKQCpdZ7BS2zZW8opcN0uEdqQLz0jmwpWyDFCLtSIjVqAWZ6bar_bCyaKuy1RNm_SgO-b0dF_X8tBAJ2mPGXxiorT5xzJi3LS5CF0Dqwyk2eRgH-vtOQrl8-bvIrNL1kV_G2i22dUIY23T-e3ocVMVtIzVjjxY6gOYNLIQ9XaLcbYgeMWJmvP1zAFCQTDkVvI_UgZP1jiyHiw0Pp64uCqmIRX4SRyLEsw2s0r0eMyGQUAgTG6jpQPG1yWNlmaJ2u85odEOrr8zagD8vuP8FIqKOl0du3YCdAPzSfQlZjk4pxWfdJdj16lVCZttdYk3dordUAYjiRRtV5q1aPsI0JUOLECxPbQWEilQwZ_Vv-FPP6aOuU01ieTHPZaZnSHWm6A4nOg-36Rtx-_MJEXXcZluHaDdfaYTGS2Urk8xD7LZrNIBn0bgtGSx6o4J_WNQU1U3mOFQ0xB1jruIFRfrYWgi81YvbzrMtHfjWnhnRdG2R5so8VUTGAVW_yhFuNqBG9Q95JOnMi8AXSg8rWygwalE52onyiE3XHt8v84nbtIr505ekhdoCZ6ER5Ff8-n3eMljWYD8r_uA3hZ_u0h4TPPXmDGMWOcEDOrrEENKcnj1thJaVm4EjBd03OZbaNDnYWqIa32mUUoxln6f1Iw_RE-5JNv0TsToHruaUurpFLHdU-Gwpwh8Lp_VHAeOQngbqMbvQHYC_I_-Rzb6DdpPKvRforhZYkXNfJnHPmxrEGeScu-mEe5Ny40g0mpTwMjd24IMmVOd3SaZbuA-A7gtZK3iVu8dWqCPisOq7-3qhYXv304CiON0QqaDNvXNbG0QbwYhBZA1IzIJNuOu03odB5nIaqme7yDD5HVHe45xvJgOkfaAR3yU3U_vO2URXmDJQkikd0MkdgLh6XTF-6Jj978tvSrihjO9jpjKgg363XotPh3-4ni5FUpzpQegfkKjgsNKwuJcqeM0BhYO5hY-U-2UFmA8po0Uiuqaz5lw37Yo6RJ5iHWT_K07JCmWziZDXP4RxSIexXCarYUk7kjywinh2rVU1twlUUCi-usEBOVe856phN2YivKbKIw8vjL4pvTPipCnVn-UrsWQSXcWW8qt7MxBVJv8fjphub5rY6TOPm7fJw9yMIHPM_xwlu7Mw6OMUohsUfZzl4CYPPH9WjK_qGbCCA24OPsw6Iyk-080v6ZY5XcyaqWwJXmWOB1kx368VuhytZ2cf9kz-YDW6oFr8rpL_dZuomQt_wAbzDusV74HwShJpGCrBMB3xo7HYe6saICFdOET0UzGFze4D7tI3-89VzrJoD5oZCWIvEvQ06kEpWbjwyRPv6tXGbz1IKET4SMDsPC9ywvprq8gNRx1w3JgCjK1guhQd9u0h9WS-n34U1SGS5fT_waHykDuXPpf6CEAJIhupAJAQDpDosLALWBOfISiD81FPrF5SEzivDDvxIq6SiaJtKgjZjkNW1diwMc0PwGwKBwDusLH9dFgyOSnnYP3FACfgCDJdVybryUtkBS7NlcTNcGp59qn35hxihfRPRQDTBsYeuDAEXWJJzg4eeTDI9_O6TwvXvWoYIqYaV2X7pnj2R4BuGm88HrZouZRQF9h7N9xkmklni4xfecB2U6LzKmhGHihHdtslXBaEpxAZ-7DXYpv9dSA6WYaDY7ZM1Ale8pXlnSER0LWx5m6f29nQyr46z9qXRIw9C6fgAxzOLczQAyNe6mblAeVSOwnPiOJs2iMSGmqYzsqN2wxwCbhandC7edQ0pvKJBrcEIcujfui0xx-0jW_iGg_AOrl_4kjMPPDP1gtHtES2JB7CavYpC1NeqTEtWzHcvJ3uL26aszdG9zzL4Rb0wYkjmxzyiAd8yZuRXkZy_4lhCsP_cYarjGFeQ8AC8NvXYTFi81XcrAKLR0uwPB9Gw2dRYHg2rWWiiHyCc2ZXWf_MTZh5y_nfZy1keuBnRVl80qWnZjCysttq-vkKBknMtUBho5QhvFmAzZ3V8yc4_xkAfZq3aihHs5dDDzSP5cG9i5dHjJ9jPbqWDoxK4r4DpHol6J38YUW5FQy0l7ohqowFDsBGf2hBeDBoU_38jXMuuLkRq0hLZEJVEob_jRpmZ4usP3mZZ-Ziy8gqTnbJ6SS0uRu-PZ6I3zeGKYlgHwVwtE_pNbYpZaji3HeVJ9NKDYxfogP2sa_e3J0pTGNbfTjo84oIkEoxvTEQhLgW7FiJdzTgjjDyUmHUFlKvSfM4Mr9D2DzrmTvMDGQky5khgkFfKntRIlMqZDcY9qksBdRXdUFDf3Yzh3ubWBvunYSeaSoivlEDQiMG7CGVRwTJ0DQtYLLK0mgvewYdbJlsKG_do3VbLLNWwuG51gJQy4MEw4nPkKxQTRXIDkdEkkuCgoGSxDNrC7Da45ksusR8VzgSySVu7CWSWqx-R8bx3GtS2BZHr7YgctIG8e5zMkMraC2HgKqvve5VODLZoZdofX7gWAQNBN2D82CFBhzvEV7sQZJmNVmE4nxZBx9JSnrA&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=1326240916652174600&adk=2004672171&idt=99&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
29645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:00:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame AB47 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3HoFqK27T6CRj9h4FwNLX3Rheatol2nY8fqX_YJ6w2nGR_G3qCZLfuqlhFW90mudiO4QNVS2_rACjqAt_zp-YNOvSvsPQeFhAA3tioBckk-y-6QeZibeFS-810VgEPljfjyC712foglILVL4u_PGzJFpkodVk6gBBxLbZ_T_t3_ZLUPc&dbm_d=AKAmf-C9ZAv1nPASXuXYzzsMMJuM-41XHneyli1GXcmTzBKw2UT2m7Zcf897toAoPLNwMMO_NZwYW7AuqhWtAmpShmLH4iEtsuO3eVJdlNCEzHzfPuYXivvEVvKmELPqXPvayekmgBsoKQ4nRwSIMLF83qiWhyNiqnl60pN1XYfnv2IQ-mpO1C4nMgtzxJuDaXWqbFxXu0aywhE-tHeWceIFWft8ovXgnPToABfJTqL-IXfrWvd5uJVNeauhODQ3v5N1ggAzu7-qBgq3a1vDnByHhJur9wPxle5jOzZgB_ow0Csy_nkJSRPMkA9zLaqrGRE8ZbtqlMU1kkQjMnd4ZYxa-ikFIaEUMe47klV4Wcvk-YrHUGeBnlCMOhS4MhxwM7DJPiMJfSTRgTmbzEk0QGfsxU4ZuZOthx2ePVpA_jL3iVSCteawGp8lvUw3zISl1pABsyPNUpd6p7QbP7RmApBZFyyPq-3TUVMkroT6iWgYNJe-CyQZIbqbM3q6KjgMJo6JpBbkuX7-hrZp95pTtyQF_aFjAozYYHfm1_1m_zUA1SGuJY36bbC9s0vRQNjivFfeYLot4FpgjlRKnKXY6xwgGiLFfxuPv_VB2128ACPZ_ubBrXDIjI4xffaTg0HILEi5drw0iRcTKsx6FCzw_Tnlp2Wnxvkt4YxHxmOXe_ZNCt4-bwFt-ot-QimwQHmcnSwt1WIyaNWgWWeNrbtDphTzVjvL5q6oycuJTKfXznwDcDktOge1EtjXCo2c5z9mcPY7eX-w7jtLtN_t6YjvfbrXf8ogBsgPhCQpHBo-x2WUx6rDcjq2vQsZ-0Ep8akygUMf3TGrJosTzEIxNLA5o0t7vXs4sSTheuQPcOhi029Nq7wnLwXYdceVkVJFoF3wNezSQ6rlXni90d3-zNlshLFm4R77lbY1BkOxHWai9lD4z0ro7k-tOwf0uOoMMAssxzVqDrPPBrDg396UAcZCDtC9IfoyG5ecwIfnK_1uc2bp8GMWWuZ6DqXRdvZHxWiwJdtQS9QQtOzOT-w0m-nkf7L0sgT4IVa8_YuyXFlXum9q61qm9olPi0yCt4TwzJ-pAho6apfDROfGYb1i2jxU8Op-YqpYLWu6sbu6SbFbg5sjzl5iFq2aOogaFJOzqAiaML_UkA6DE3tQLwjWaYA8kPQQFEvDglZ7HZFcgcisj8WWMBHkdgSAofwlncPV8Eq7si43HAxuWJnn-8kd_MM5_h4ogCjHlZi7L0TMx5CJ7u6JtmQk4Vti0R4i1Smscwrae23J7Sbtwn6SxXTYGUYggEtD8KCU7rQk86z1Vc3IbtIYUddr3a_XC4TrHNDJKX0kh6SHqpJGev49SYU_dbAVLtC7PN-rfAHCXctIYS3ovkDUUJX1g5bpLXq6xtjsfoqRlnLsDu1b7Euvjo_cKQCpdZ7BS2zZW8opcN0uEdqQLz0jmwpWyDFCLtSIjVqAWZ6bar_bCyaKuy1RNm_SgO-b0dF_X8tBAJ2mPGXxiorT5xzJi3LS5CF0Dqwyk2eRgH-vtOQrl8-bvIrNL1kV_G2i22dUIY23T-e3ocVMVtIzVjjxY6gOYNLIQ9XaLcbYgeMWJmvP1zAFCQTDkVvI_UgZP1jiyHiw0Pp64uCqmIRX4SRyLEsw2s0r0eMyGQUAgTG6jpQPG1yWNlmaJ2u85odEOrr8zagD8vuP8FIqKOl0du3YCdAPzSfQlZjk4pxWfdJdj16lVCZttdYk3dordUAYjiRRtV5q1aPsI0JUOLECxPbQWEilQwZ_Vv-FPP6aOuU01ieTHPZaZnSHWm6A4nOg-36Rtx-_MJEXXcZluHaDdfaYTGS2Urk8xD7LZrNIBn0bgtGSx6o4J_WNQU1U3mOFQ0xB1jruIFRfrYWgi81YvbzrMtHfjWnhnRdG2R5so8VUTGAVW_yhFuNqBG9Q95JOnMi8AXSg8rWygwalE52onyiE3XHt8v84nbtIr505ekhdoCZ6ER5Ff8-n3eMljWYD8r_uA3hZ_u0h4TPPXmDGMWOcEDOrrEENKcnj1thJaVm4EjBd03OZbaNDnYWqIa32mUUoxln6f1Iw_RE-5JNv0TsToHruaUurpFLHdU-Gwpwh8Lp_VHAeOQngbqMbvQHYC_I_-Rzb6DdpPKvRforhZYkXNfJnHPmxrEGeScu-mEe5Ny40g0mpTwMjd24IMmVOd3SaZbuA-A7gtZK3iVu8dWqCPisOq7-3qhYXv304CiON0QqaDNvXNbG0QbwYhBZA1IzIJNuOu03odB5nIaqme7yDD5HVHe45xvJgOkfaAR3yU3U_vO2URXmDJQkikd0MkdgLh6XTF-6Jj978tvSrihjO9jpjKgg363XotPh3-4ni5FUpzpQegfkKjgsNKwuJcqeM0BhYO5hY-U-2UFmA8po0Uiuqaz5lw37Yo6RJ5iHWT_K07JCmWziZDXP4RxSIexXCarYUk7kjywinh2rVU1twlUUCi-usEBOVe856phN2YivKbKIw8vjL4pvTPipCnVn-UrsWQSXcWW8qt7MxBVJv8fjphub5rY6TOPm7fJw9yMIHPM_xwlu7Mw6OMUohsUfZzl4CYPPH9WjK_qGbCCA24OPsw6Iyk-080v6ZY5XcyaqWwJXmWOB1kx368VuhytZ2cf9kz-YDW6oFr8rpL_dZuomQt_wAbzDusV74HwShJpGCrBMB3xo7HYe6saICFdOET0UzGFze4D7tI3-89VzrJoD5oZCWIvEvQ06kEpWbjwyRPv6tXGbz1IKET4SMDsPC9ywvprq8gNRx1w3JgCjK1guhQd9u0h9WS-n34U1SGS5fT_waHykDuXPpf6CEAJIhupAJAQDpDosLALWBOfISiD81FPrF5SEzivDDvxIq6SiaJtKgjZjkNW1diwMc0PwGwKBwDusLH9dFgyOSnnYP3FACfgCDJdVybryUtkBS7NlcTNcGp59qn35hxihfRPRQDTBsYeuDAEXWJJzg4eeTDI9_O6TwvXvWoYIqYaV2X7pnj2R4BuGm88HrZouZRQF9h7N9xkmklni4xfecB2U6LzKmhGHihHdtslXBaEpxAZ-7DXYpv9dSA6WYaDY7ZM1Ale8pXlnSER0LWx5m6f29nQyr46z9qXRIw9C6fgAxzOLczQAyNe6mblAeVSOwnPiOJs2iMSGmqYzsqN2wxwCbhandC7edQ0pvKJBrcEIcujfui0xx-0jW_iGg_AOrl_4kjMPPDP1gtHtES2JB7CavYpC1NeqTEtWzHcvJ3uL26aszdG9zzL4Rb0wYkjmxzyiAd8yZuRXkZy_4lhCsP_cYarjGFeQ8AC8NvXYTFi81XcrAKLR0uwPB9Gw2dRYHg2rWWiiHyCc2ZXWf_MTZh5y_nfZy1keuBnRVl80qWnZjCysttq-vkKBknMtUBho5QhvFmAzZ3V8yc4_xkAfZq3aihHs5dDDzSP5cG9i5dHjJ9jPbqWDoxK4r4DpHol6J38YUW5FQy0l7ohqowFDsBGf2hBeDBoU_38jXMuuLkRq0hLZEJVEob_jRpmZ4usP3mZZ-Ziy8gqTnbJ6SS0uRu-PZ6I3zeGKYlgHwVwtE_pNbYpZaji3HeVJ9NKDYxfogP2sa_e3J0pTGNbfTjo84oIkEoxvTEQhLgW7FiJdzTgjjDyUmHUFlKvSfM4Mr9D2DzrmTvMDGQky5khgkFfKntRIlMqZDcY9qksBdRXdUFDf3Yzh3ubWBvunYSeaSoivlEDQiMG7CGVRwTJ0DQtYLLK0mgvewYdbJlsKG_do3VbLLNWwuG51gJQy4MEw4nPkKxQTRXIDkdEkkuCgoGSxDNrC7Da45ksusR8VzgSySVu7CWSWqx-R8bx3GtS2BZHr7YgctIG8e5zMkMraC2HgKqvve5VODLZoZdofX7gWAQNBN2D82CFBhzvEV7sQZJmNVmE4nxZBx9JSnrA&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=1326240916652174600&adk=2004672171&idt=99&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:11:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AB47 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
73749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F965 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Sun, 10 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 73BA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Dec 2023 22:15:02 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 09 Dec 2023 22:15:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server
AkamaiGHost
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
Y67JKMS6K9CH728E
age
52
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
B33MDroMXoHRPwonNfdEh7OgYAkG+9quij2d4vHLtZt++OAYVXybtbzTWUc4srBuEnmtpxf4yE0=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1702160101.355742,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
73
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
22
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
bridge3.608.2_en.html
imasdk.googleapis.com/js/core/ Frame 7F5D 		750 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
162420
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
245949
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 01:08:02 GMT
expires
Sat, 07 Dec 2024 01:08:02 GMT
last-modified
Wed, 06 Dec 2023 01:36:01 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 09 Dec 2023 22:15:02 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4554 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 09 Dec 2023 22:55:44 GMT
v.php
stg.truvidplayer.com/v5.832/ 		197 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.832/v.php?st=asVF0YzjOxpXEIDAclFFfg&e=1702246502&ver=5.832&adid=d82bf5ba17b5a31f29e1a6df8cf7a23a39f8ac37&videoUrl=https://vid869.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=http%253A%252F%252Fwww.em.com.br%252F&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=em.com.br&wid=6558&suid=869&env_browser=Chrome%20120.0.6099
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-89.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d64dde2d9531c2eb5ed9b8021f6caaa889bb2d3ec11b2a65ba82443bfd618301

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
text/xml;charset=UTF-8
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
x-amz-cf-id
3uWj2uS_pCIZzs1nXxJwwmNWRe16LBBUXd45JI32ZEkXwKolAvMe_A==
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=32d5e41d9416ce265cc4c5fae2cdaf&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1667_7311293824205594893&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/32d5e41d9416ce265cc4c5fae2cdaf?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-JyG2HA5E2oNUUjXt4Vh34w9YiFvLVsPuHTnZRTvp~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:03 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702160103000025-557
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=32d5e41d9416ce265cc4c5fae2cdaf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=32d5e41d9416ce265cc4c5fae2cdaf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9S69Z8E5KV21JXTQ365B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:02 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=32d5e41d9416ce265cc4c5fae2cdaf&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1702160102646058-565
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqn0ZIHc5/q3zioRVUAndevW05MG5WynEw1IlZcXXYb3nVzjPtDNSwKvo1SWDrkNq78CPWKcgwzCBCCB8ZvHdeWScm1q7ZBWK2Aou9X45pDVbkjotVgY37AkQlqT4THHqgbd2+mANshl7CejErH0V/I5wG5M/fDwYGSq4ssup0Y8TH0wcoXjOpdJe1AvFvpo2FE/OdRTAcGpdRMvTzNcDOfTA8fX5nWOZw8Xo53Xfao6xDmT81iVHua2bwCEeCPbNWJwYOQfFbfQcdgUVyb+UOIR&cb=23302025
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
nginx/1.6.2
truncated
/ Frame AB47 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0713d786e7a4ac5eb44e8d6a99f11db878af25c55068653aca40675a1b0c1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 73BA 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sat, 09 Dec 2023 22:15:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Dec 2023 02:27:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15128
Connection
keep-alive
Content-Length
13233
Expires
Sun, 10 Dec 2023 02:27:10 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1627455/73523880/ Frame FA80 		255 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1627455/73523880/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20492285957&bidurl=http://www.em.com.br/&ias_dealId=&xsId=ABAjH0inHVy-3vtOlSXaSaSHhYa3&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0inHVy-3vtOlSXaSaSHhYa3
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.4.160 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-4-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f60ffca9be5cbc4640d7969b29077f38a61ec08544826effe2d86de72dc3051d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FA80 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Origin
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:46:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame FA80 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpcpxfh8GvMM6zSJ4osJuN0nEP9-eJ34LURlPw6mzgwzfFRW5louN5AuidsTKOgk9GnHDKTzi9LUOzGdbSAv471QSJhWCvfGA3r1oCLbD1RVsMhMcEGEFV_cvMq9OIWxtqIeMlNL5COSWBJm0r65rOsOgxj1rviFdhVMZDpiWH8WRb3fY&dbm_d=AKAmf-B9CEY1N-YUMTSL_oYA4ff6tcLe9T9OATDt8_ULjXOPcW_VEwjcgst_gWJyXlLk8kFzhEQ8U4cczc0q8rhXan3ttW7HmRDEDV8KnsBlR7w_OpBLIul8Ux-ekqxk7JQRCG5BDofwaG4FHXgseAQcSNnfrxT-Sxv4tR81nQkzj4mGNGvIkeGR4lLe74atqbG-AhXGjEA4z1SWEGE5llUB3Xx9N2SBQm1jdPLvNV1RxoxYEHdN8mKupjQ8vjFL4JaP6-vC4Y83rRavEMODQatPHuLKdBbZ7ZWGXFQe2Av7_k4I3al8IM4zupFW3SZOcXZFi0SpxQ0vtFWSOz3tzqD1m15OHVUevPtkKSlrr3HfXfBAsQiwpP-_cN-g_NYr1WRdjXExMir4u6NUhfAnu088ibTwcjhgyz5eHln_u7cR0SrYL8mhP5wuizBP6MedaPcrBkkiyQIX8TY7sO-sBOnU8JWdCANbMljO_Wx_i1T53Hh31pmZnkfS16uC0UX7gU38AMCd4DMNgXjvCjKKcDcSDlnIHICdZUCr1vCnFJz4RF0mpNfymw7z0y-PFHbKxpIb7SodpMVQTFRExWPkl8dIYtq6LtlOGFnD1PkdRwdHp8JBu3twhO4K7vLBC0SZXIGybTOilfBGGhAF7gXZ6sLYXUjqtIcwSbzZ4hy4wpfIZMhd-s2IUIhCn3A6dkW0EFBeKisNPfyVWmk4eRotSAc4uzeXo7C7DyvmLBSh1lmoLHUBbzfwtf219Oedx3nQi4UfqYDj7Cb2d9lY7157K36P92lrvFc4-tccIJNli_5a-6gzGKPGo_W1RE0LA-zESDncSgexZ8JeSTpIeBiS_iCJ4WwPsEC0eLM_WF2qBuXQCUFWQIegOcUWpgioQCiUA4z97sF9aWUsrX0ed8-T0E7MZ7lXgo3oQ95W39x6OqxA5arm3qyup7iGvruIJwKHo9f5GoZalbb5CDIYiGF91RkbJwWiAPEQq4QdsHucp5YUhgfzJlRcQlt_MgcQpm3SCZkh2Nv7HQZlj2z-ipbECfJRuHIaIee2MzstWv4ngjnnVZrDqLh8zXfXMW2K-VOeXZBxIqvwNq5xnqsorscKqMT93hs2HbgSGUESOrstlWrWmZcQJV3APOc211ez5Zvo5VPuXWu-bS-8QEH4MnKaMw8H3nq9--U5i3kd2g7_4G7e8y7ctwTTwz1ODvSEDKr9vGM3nwsSbrVMJwTMX8MMsHwNc-JTAk3SeVx9aV-v-ITjcOogssZQnBlflpnT7pLfU6H3IXSRNI-XiVjM2Bmcvf5xGhEg-Ruyub8AaO7V_cf4s5djvuOCsgwPIzgxaT0hD7CcBUiNYhOQxtlZMF2hvEYmZua0joWd1eZGZWJ02AVbPd0BgAB3R_w8EJXQEj8_IwIluqs5019pucTko4rPJPZqaebJ2y--1bag0gIRXjCFptQQskdnV8A8Y2DQURz7zcCIY1VfDwng0JTmXTrVbqx53MzD8m2HbKb55Y4x02dLVYUIJucsiu0T5e2BBY_91ar7VvsPIfjRWEo8B0zhtev_2naw--h-a-R2jUZ0J08_qmriyzCjC7FrYFK3_ZvzK1D_R-CVycX8BgYp_hyjUw7F92Ie6uzU5wxL2noSoAM0UayhMPGxsxhmiS1avL7sQA_pFSn2QDE248Joxu4ZdX-WsQeJRms1SgjReikTYKDcSC8R7ToWvU3UTqxwvpvuIohGZa_nhkzQZyqahBaPLA8vkh6vOjqRz3k5ZVgw1sGPOkKOPFwRTu2psgQG75otmQWjUgAOacgdpbdEeLBX68RGWsW-9HBDgipLxQbdCMgt-Q_EppcgiFuU4zUPTZgmrmAtZUBX8yEpXPEO-UhCd-H_FL4UgTBs6LPE5aMbvV-X_NJ4DJKk0cSOLY1BDr6qgmOugJ8sB7BuRk9lCUM19h41w3xkm1qDZvF6OkPR4EV2AlqGU4bkUIm8RXH69C0sk72GOC_4cYd4W_PCNJFZTrNOP1xUy0Gn67VrUPNg6ke9M4rb-zIKpijE900GKnvKa17G2VVDJfnrjoaxxT1HKiXxhSLiM7AILCcblqFvCApr4jyBpFQeq8fQRKrj8a7LcU-WhCD4EzYvimQ8CJV0m6n__tmAhiiy8goYh_GKwnpfzGd3yGJD9imeXbDZHCC31xoZg0HGkp-6dtidk2gEC5EmV-fYa-fV07YZpkmzN5PKILr5f7bQFGTAPx94Dm8RlLtyKzYS_vSgECLdk5UV0XQzuJMlZhmcyEt4OMvCX9aiRfqmv1vysAQ8IYKoaKRVHCrC2jUffayBiHOrVtSgQhdgw7IxqY_t5TwtRywybsfvPeUPcRm2mlt7YQ0i_DT_6ldDXBg8jXfVnOZCPTvgScfr3yvv-KKxxmYKLSUajYMnsgPdWPlKdeLZkiIz5og0bskFxiPz3UuolBoSrVQbRpaTxmSB90I46T3IsWnFTpPCFcYss-cXxekVZCUttboSu1nj8PfthW-cIjhVPJJmLnXH5-Oh5o0IQ26YVGLPKbLGUB1Wngzy6Snqm5su-iG9u09PWKYrvWxsKWBNovTXjPzMvemgSffmGBmQ9UOuSt51IBPqCKv4MxlnoX0_U8Asdkj2wfV-XhqYV52jmprf8IsqpCfmNRl6Xm7o9EyxaMK4lNdEmVR09LtOA9bKl6VW720hOGJ-JHKpLm7xpvYQGIpLXh8sqDjteFdCc9G3eFDC6rOoIBDrM2qtM9cwsx5zyzrrdXkOSl238f50ZD9ZXaXYqMxypPUfqiAI0sVcOPF-lh7HlddhvT1_Bav09ZiWCFy28wEs9EagIdZ2NmhvINC8ciO7NleYxMj3380X67zYEOPcmhJlj_SnItItoRLQ4cKh9UMel9P2c5wr4VXu-6bfvEF2mKJWFAyAGddUfo9d5ZREjUPV-wVkAGpWuPRl7XXxc1ouQi4318JebINup2_W_3bzDln6BFdTJsKk2_IatarbMxkieilG7gn1ghH6lhl0AmP-TM7aoYu_XfjU6HaaV1IqBRWZGukdBpvEXuU7wO-uZWeq39CHTwJix8EGI-KG5zMmJ7lAZ9OKoOjnW70yd4NMrMKwt3w3uwK97qxRAuyPtxDaTmvgP97ivF6XOwfzVSubVA6LGHN6qdh40OiNet61YsuXs7X2COSXBjELRi0mF9440Pw2yF3bJI4pGqIg9sg4syl_-lFR5R4NIPxO6kUyoCnWxC3-XADvXM46jcdQdEFwTIfFKFXkuAK0DqP8JxG9sjXq0D1q-gDfVbsNEsZW8leV0zBxU_yEjSCqi31hTYfneXFGuaNWwJOl5M12kMY7cFDwhK1PsPiRilRtzrqAh30q5nBWboPgwjUQ_YylHz7s5gg-wjQdHK4QzExxm1dttNPnf7s3k9BhGwda7TmfWKPrCoNR5n-rc-CbGED5DYhDDRCf0gQoiyA1WzQ7kdj61ASxRx4VmE4CRl6m0Ar9IjUQuoe4tgiK0LUgS4vwaBctKxCYdo7gYM1Mb57ltpQp_Mdvs_5XgIYeZalslt1xN1099zwf3CEqR1vEa77PGSvbreYCqIQaEiYtDflaQPXgY8-A5Li3ecb5Hvn_rJyHhmnKQnjiPjjOUBwPzeHMdgcndZZMizlToq5DFnxPssDbQ8Acu11tHzQfSTwvTmcGqx4zHhDakL8FpikR3b8lrEXCnzr7Nq6VZPG9dQHEnzvbiHDfxQxxeV-kBxub7famaz_3URi3YqlgefA97Gyr5yL7BEez8Ei4WX9T-7_qPhZXMyI7D5gF5JkRDdg9ZstOR7bwb68GqwW6ArVPO7ixJCxxIvyv9liKoqC8_zZMJjKZ4wpjDTAZNCk1qNOJrXvMfG37aI4Z6_oqiZlEuvU1kZ5IqMkQYAf_SALK5MBHo5ByBVubHYTXFVdSG54H58W2IfKy3e1YN9ZyLKdALhA3mSYLZBY&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=8962062580978825000&adk=3661671306&idt=174&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 14:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
29645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 14:00:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame FA80 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cpcpxfh8GvMM6zSJ4osJuN0nEP9-eJ34LURlPw6mzgwzfFRW5louN5AuidsTKOgk9GnHDKTzi9LUOzGdbSAv471QSJhWCvfGA3r1oCLbD1RVsMhMcEGEFV_cvMq9OIWxtqIeMlNL5COSWBJm0r65rOsOgxj1rviFdhVMZDpiWH8WRb3fY&dbm_d=AKAmf-B9CEY1N-YUMTSL_oYA4ff6tcLe9T9OATDt8_ULjXOPcW_VEwjcgst_gWJyXlLk8kFzhEQ8U4cczc0q8rhXan3ttW7HmRDEDV8KnsBlR7w_OpBLIul8Ux-ekqxk7JQRCG5BDofwaG4FHXgseAQcSNnfrxT-Sxv4tR81nQkzj4mGNGvIkeGR4lLe74atqbG-AhXGjEA4z1SWEGE5llUB3Xx9N2SBQm1jdPLvNV1RxoxYEHdN8mKupjQ8vjFL4JaP6-vC4Y83rRavEMODQatPHuLKdBbZ7ZWGXFQe2Av7_k4I3al8IM4zupFW3SZOcXZFi0SpxQ0vtFWSOz3tzqD1m15OHVUevPtkKSlrr3HfXfBAsQiwpP-_cN-g_NYr1WRdjXExMir4u6NUhfAnu088ibTwcjhgyz5eHln_u7cR0SrYL8mhP5wuizBP6MedaPcrBkkiyQIX8TY7sO-sBOnU8JWdCANbMljO_Wx_i1T53Hh31pmZnkfS16uC0UX7gU38AMCd4DMNgXjvCjKKcDcSDlnIHICdZUCr1vCnFJz4RF0mpNfymw7z0y-PFHbKxpIb7SodpMVQTFRExWPkl8dIYtq6LtlOGFnD1PkdRwdHp8JBu3twhO4K7vLBC0SZXIGybTOilfBGGhAF7gXZ6sLYXUjqtIcwSbzZ4hy4wpfIZMhd-s2IUIhCn3A6dkW0EFBeKisNPfyVWmk4eRotSAc4uzeXo7C7DyvmLBSh1lmoLHUBbzfwtf219Oedx3nQi4UfqYDj7Cb2d9lY7157K36P92lrvFc4-tccIJNli_5a-6gzGKPGo_W1RE0LA-zESDncSgexZ8JeSTpIeBiS_iCJ4WwPsEC0eLM_WF2qBuXQCUFWQIegOcUWpgioQCiUA4z97sF9aWUsrX0ed8-T0E7MZ7lXgo3oQ95W39x6OqxA5arm3qyup7iGvruIJwKHo9f5GoZalbb5CDIYiGF91RkbJwWiAPEQq4QdsHucp5YUhgfzJlRcQlt_MgcQpm3SCZkh2Nv7HQZlj2z-ipbECfJRuHIaIee2MzstWv4ngjnnVZrDqLh8zXfXMW2K-VOeXZBxIqvwNq5xnqsorscKqMT93hs2HbgSGUESOrstlWrWmZcQJV3APOc211ez5Zvo5VPuXWu-bS-8QEH4MnKaMw8H3nq9--U5i3kd2g7_4G7e8y7ctwTTwz1ODvSEDKr9vGM3nwsSbrVMJwTMX8MMsHwNc-JTAk3SeVx9aV-v-ITjcOogssZQnBlflpnT7pLfU6H3IXSRNI-XiVjM2Bmcvf5xGhEg-Ruyub8AaO7V_cf4s5djvuOCsgwPIzgxaT0hD7CcBUiNYhOQxtlZMF2hvEYmZua0joWd1eZGZWJ02AVbPd0BgAB3R_w8EJXQEj8_IwIluqs5019pucTko4rPJPZqaebJ2y--1bag0gIRXjCFptQQskdnV8A8Y2DQURz7zcCIY1VfDwng0JTmXTrVbqx53MzD8m2HbKb55Y4x02dLVYUIJucsiu0T5e2BBY_91ar7VvsPIfjRWEo8B0zhtev_2naw--h-a-R2jUZ0J08_qmriyzCjC7FrYFK3_ZvzK1D_R-CVycX8BgYp_hyjUw7F92Ie6uzU5wxL2noSoAM0UayhMPGxsxhmiS1avL7sQA_pFSn2QDE248Joxu4ZdX-WsQeJRms1SgjReikTYKDcSC8R7ToWvU3UTqxwvpvuIohGZa_nhkzQZyqahBaPLA8vkh6vOjqRz3k5ZVgw1sGPOkKOPFwRTu2psgQG75otmQWjUgAOacgdpbdEeLBX68RGWsW-9HBDgipLxQbdCMgt-Q_EppcgiFuU4zUPTZgmrmAtZUBX8yEpXPEO-UhCd-H_FL4UgTBs6LPE5aMbvV-X_NJ4DJKk0cSOLY1BDr6qgmOugJ8sB7BuRk9lCUM19h41w3xkm1qDZvF6OkPR4EV2AlqGU4bkUIm8RXH69C0sk72GOC_4cYd4W_PCNJFZTrNOP1xUy0Gn67VrUPNg6ke9M4rb-zIKpijE900GKnvKa17G2VVDJfnrjoaxxT1HKiXxhSLiM7AILCcblqFvCApr4jyBpFQeq8fQRKrj8a7LcU-WhCD4EzYvimQ8CJV0m6n__tmAhiiy8goYh_GKwnpfzGd3yGJD9imeXbDZHCC31xoZg0HGkp-6dtidk2gEC5EmV-fYa-fV07YZpkmzN5PKILr5f7bQFGTAPx94Dm8RlLtyKzYS_vSgECLdk5UV0XQzuJMlZhmcyEt4OMvCX9aiRfqmv1vysAQ8IYKoaKRVHCrC2jUffayBiHOrVtSgQhdgw7IxqY_t5TwtRywybsfvPeUPcRm2mlt7YQ0i_DT_6ldDXBg8jXfVnOZCPTvgScfr3yvv-KKxxmYKLSUajYMnsgPdWPlKdeLZkiIz5og0bskFxiPz3UuolBoSrVQbRpaTxmSB90I46T3IsWnFTpPCFcYss-cXxekVZCUttboSu1nj8PfthW-cIjhVPJJmLnXH5-Oh5o0IQ26YVGLPKbLGUB1Wngzy6Snqm5su-iG9u09PWKYrvWxsKWBNovTXjPzMvemgSffmGBmQ9UOuSt51IBPqCKv4MxlnoX0_U8Asdkj2wfV-XhqYV52jmprf8IsqpCfmNRl6Xm7o9EyxaMK4lNdEmVR09LtOA9bKl6VW720hOGJ-JHKpLm7xpvYQGIpLXh8sqDjteFdCc9G3eFDC6rOoIBDrM2qtM9cwsx5zyzrrdXkOSl238f50ZD9ZXaXYqMxypPUfqiAI0sVcOPF-lh7HlddhvT1_Bav09ZiWCFy28wEs9EagIdZ2NmhvINC8ciO7NleYxMj3380X67zYEOPcmhJlj_SnItItoRLQ4cKh9UMel9P2c5wr4VXu-6bfvEF2mKJWFAyAGddUfo9d5ZREjUPV-wVkAGpWuPRl7XXxc1ouQi4318JebINup2_W_3bzDln6BFdTJsKk2_IatarbMxkieilG7gn1ghH6lhl0AmP-TM7aoYu_XfjU6HaaV1IqBRWZGukdBpvEXuU7wO-uZWeq39CHTwJix8EGI-KG5zMmJ7lAZ9OKoOjnW70yd4NMrMKwt3w3uwK97qxRAuyPtxDaTmvgP97ivF6XOwfzVSubVA6LGHN6qdh40OiNet61YsuXs7X2COSXBjELRi0mF9440Pw2yF3bJI4pGqIg9sg4syl_-lFR5R4NIPxO6kUyoCnWxC3-XADvXM46jcdQdEFwTIfFKFXkuAK0DqP8JxG9sjXq0D1q-gDfVbsNEsZW8leV0zBxU_yEjSCqi31hTYfneXFGuaNWwJOl5M12kMY7cFDwhK1PsPiRilRtzrqAh30q5nBWboPgwjUQ_YylHz7s5gg-wjQdHK4QzExxm1dttNPnf7s3k9BhGwda7TmfWKPrCoNR5n-rc-CbGED5DYhDDRCf0gQoiyA1WzQ7kdj61ASxRx4VmE4CRl6m0Ar9IjUQuoe4tgiK0LUgS4vwaBctKxCYdo7gYM1Mb57ltpQp_Mdvs_5XgIYeZalslt1xN1099zwf3CEqR1vEa77PGSvbreYCqIQaEiYtDflaQPXgY8-A5Li3ecb5Hvn_rJyHhmnKQnjiPjjOUBwPzeHMdgcndZZMizlToq5DFnxPssDbQ8Acu11tHzQfSTwvTmcGqx4zHhDakL8FpikR3b8lrEXCnzr7Nq6VZPG9dQHEnzvbiHDfxQxxeV-kBxub7famaz_3URi3YqlgefA97Gyr5yL7BEez8Ei4WX9T-7_qPhZXMyI7D5gF5JkRDdg9ZstOR7bwb68GqwW6ArVPO7ixJCxxIvyv9liKoqC8_zZMJjKZ4wpjDTAZNCk1qNOJrXvMfG37aI4Z6_oqiZlEuvU1kZ5IqMkQYAf_SALK5MBHo5ByBVubHYTXFVdSG54H58W2IfKy3e1YN9ZyLKdALhA3mSYLZBY&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.em.com.br%2F&ds=l&xdt=1&iif=1&cor=8962062580978825000&adk=3661671306&idt=174&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
11042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:11:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FA80 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
73749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:45:53 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C5EF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
28410
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1702160103.879636,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12768
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F965
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM_DamCsulEkLP5-X3BhybU&google_cver=1&google_push=AXcoOmT0EQyLYznV-hnP6253oD_qG4J5_5xJ9fL0U3keDJcWO3RFHTgZw_M7bvHafc6DQrT77Wg2EodGwWZpuG03tbXm1qAfLIX8iA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjYwOTAyMDQzMjk2NDIzMTcxNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_DamCsulEkLP5-X3BhybU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_DamCsulEkLP5-X3BhybU&google_cver=1
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM_DamCsulEkLP5-X3BhybU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame F965 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEALmoCPXO4zaDJXc8VXCu9Y&google_cver=1&google_push=AXcoOmRJel3KaYw7bIaWJ2meLUjPVRWsYN2jAr5K2v9aXPGOdd17eGZbvVC_j4EhCc7tRELdJKG1sECXU0pE2dX8a7TpqdgrKLn6qA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F965
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJBh444fyGCg6vqABLekkqI&google_cver=1&google_push=AXcoOmRTFhe69ZokOLQa-zCntgAcjM6x0mSZf9ZkSjRemyrZUzjPSpGpuq8V8s2XdEJ481DNp4R4ccyVK_QKJocjRgkBEsi...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTFhe69ZokOLQa-zCntgAcjM6x0mSZf9ZkSjRemyrZUzjPSpGpuq8V8s2XdEJ481DNp4R4ccyVK_QKJocjRgkBEsilbfoWmw&google_hm=eS0uVG4uTF9KRTJwRnZM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTFhe69ZokOLQa-zCntgAcjM6x0mSZf9ZkSjRemyrZUzjPSpGpuq8V8s2XdEJ481DNp4R4ccyVK_QKJocjRgkBEsilbfoWmw&google_hm=eS0uVG4uTF9KRTJwRnZMeHRLTlhGbzJuVGp3NUVKc1BPNH5B
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 22:15:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRTFhe69ZokOLQa-zCntgAcjM6x0mSZf9ZkSjRemyrZUzjPSpGpuq8V8s2XdEJ481DNp4R4ccyVK_QKJocjRgkBEsilbfoWmw&google_hm=eS0uVG4uTF9KRTJwRnZMeHRLTlhGbzJuVGp3NUVKc1BPNH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame F965
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIluAescMrZFzsvgyefa28E&google_cver=1&google_push=AXcoOmRJWZsGaBpqQbfM2En92i_abAEDNBVFyQ5LR8bVuEEzoX0ZtBvoNzk7BlBwISQwsRlatg_R8JoHMP2Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRJWZsGaBpqQbfM2En92i_abAEDNBVFyQ5LR8bVuEEzoX0ZtBvoNzk7BlBwISQwsRlatg_R8JoHMP2Q68yjkGhYbBV8Az8uGA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRJWZsGaBpqQbfM2En92i_abAEDNBVFyQ5LR8bVuEEzoX0ZtBvoNzk7BlBwISQwsRlatg_R8JoHMP2Q68yjkGhYbBV8Az8uGA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRJWZsGaBpqQbfM2En92i_abAEDNBVFyQ5LR8bVuEEzoX0ZtBvoNzk7BlBwISQwsRlatg_R8JoHMP2Q68yjkGhYbBV8Az8uGA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame F965 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAjAjC4U9ai51gXj5_LA6b8&google_cver=1&google_push=AXcoOmQ57pMWQCAPgwmfiOj2QrhXytkjIiQUCeRgcotmNV_NjEJXZP9Qrvg-xdlU1hDgzLRtHTZsZyHmDF-orqX04EXgFdZTia9Ouw
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:01 GMT
content-length
0
report
sync.teads.tv/um/ Frame F965
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEECUdJQ3t8oU...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRy0y1JBmB64z9sX4QE_AmQXbuV4-Kfj_HSFFsRzbOsU963fMLwsvpheN37ir_IkeIITlN9apozKkBxwq4aIJmiDNA-jcYQJMI
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.52.123.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-123-144.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 09 Dec 2023 22:15:03 GMT
pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F965
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEHzl04Og-_djKauk4pgmUpg&google_cver=1&google_push=AXcoOmSeFHQHkdaa6...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4&google_gid=CAESEHzl04Og-_djKauk4pgmUpg&google_cver=1&google_push=AXcoOmSeFHQHkdaa6ubyfbuT-1JY_5akdGi2QI2HnF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4&google_gid=CAESEHzl04Og-_djKauk4pgmUpg&google_cver=1&google_push=AXcoOmSeFHQHkdaa6ubyfbuT-1JY_5akdGi2QI2HnFYL7TFVE56tb7ExA_iYKHSNzdswwUPqjAPbJMaL7u6xYcVFfTDphWzjOX3AWQo
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
an-x-request-uuid
90442443-1635-425d-8f00-ed64534c43ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTg3NzEwMjIxOTc4MDY4MDk4&google_gid=CAESEHzl04Og-_djKauk4pgmUpg&google_cver=1&google_push=AXcoOmSeFHQHkdaa6ubyfbuT-1JY_5akdGi2QI2HnFYL7TFVE56tb7ExA_iYKHSNzdswwUPqjAPbJMaL7u6xYcVFfTDphWzjOX3AWQo
x-proxy-origin
80.255.10.199; 80.255.10.199; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F965 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LURj2I_uMS-coAlNqRLDZYWquXU6zRmMYU-LSBwO3Qh3p4RJ5k9Hfn5L3fiPtkiyCBEUqYRZY
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B88F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5708
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Sun, 10 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame FA80 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df87ca4c937c81f38449c13404f4ada44b47652c88bb6e71ec38ee8b3a0e1d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/1064608057035189096/ Frame F29F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
72001
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1879
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 02:15:01 GMT
expires
Sun, 08 Dec 2024 02:15:01 GMT
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame AB47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDw9NZDZGNPZ03oImiQSQgo8S8ZNibiMSoNTN0iYAD3QMdNL6c9eiRG7hEK6451CBk-HKMTPClpbH1j1nDoUGw7mwXTOzeXI471YHF55SfMsROGuFL4pieWon4gwZwzCaXxVKW1Dwb1DXLgDx5CnFXJJezWWQ-MC_UXdOW74GALP0kOpZr3b4FUT-Op45Fas4LacWhBXx77G6cFQGW61n63T73K-oMtOisEDLN1e_u5Cdz4wKPNRHQeOKPLBdXw8OegB292z2R7ub8s8YYZVFk8HQoj4uj5flcidLIconX84248d_Uk_fvyZ5LowXrD85ge6KMLAMmHESC1HY-zolCjMP9uqKu8KxyXUKyZzt3_MA1ArUx7L1Lz7wfBa4kAYF89Fu94wgHc1bpk_EAF6raboxYgqD1GBRXJhoGDTE6SLPPtUBP_SMDObpfjcTpb_nxvY7CTuIJrmHvqnf_GLwb8o7M-VdJsy4cw5qBovbl65_GIdliAYvfBPV1lH8cnleaCFj8K3HKogSKAgvwsQ5Ebq3nWGw06oLZ--Owp3MUZJj25BBcSCEq7BjLGDEFRenzvFd14yBX9ZJ9riC_X9v6G-5j6IrdJmG2tgN1QTql_QHwbwvuFbhirLO5h1leXkH6uNxJOIGrwW-rdfqUDliy08BBH7qwnNbKmHoQf9i22SAK_C4FF4BphA9ga4ITFY0gQ2EdDSXmImtxyLKGG35RzwYeBv69jpcMsb0wetlcKrX53wlRU9kkTy3LDA41Ywu5u_Eyk7jRekDoq3fkURxLqg_HV7Hv-t-4I908FWWhJPhqIaUPwOhskpyLELdpj1TSqMsoTauUPZAfNYC7VZDGqDjviKgS1ZMDZ-9hrthBU1pCPc_Gek_q83QpcGWv4iIqQSUm0uVMa3sCShHDVcjih8FMYqjasldqA6bHHVXPvlIGlpq8hqMVDT6OpLDPcZ1qq2wA0yMZA9EeAWfAex01r1gIOi11c1hMF-F93TuKD1MiE7AaEFEUMurexLxxVqShkr6gs81ANrYdDGbTaFMwFvJAHicfjTkZ3W9XZVHrUS_-HcjUSsHxxk0UaFlJr-S4Y5OhI153xN69-P2eTPDrLsvq5pMXoRnj8GFX2DBIPpQfqgSYbg-h3jXTbXKwjOL6CkT44PH8i-EqXaho5t9eZsdVYLUXtHofEB_EA-0-KgvSvieu-7eLEqQ4Gwt0Er82-r3ndqCEH-AoShlmqGdc11Hz8Y8CoGq7MfFNKgqaSQQ0oDRMh0p4l4919nAdLVVc2OfHgUK-_YehGboviAoNnlg0Un0wnsqPblLk-7L2oytRosRBmCaWJd9MEvS5cbNBNR7mWeczna8X2GIKj6xqg9__0OTSYcpq2VgInKq8c7gLfuqQQnToeOfcV9R2h-ckISBP3PQyg0qweMxQYgw&sai=AMfl-YRfSGdHlig9BNZKUUNXqzU07sT_wpAOpk1xhvXbY3l2UB8MGG5_C21aAoZ8V-c219mWnz6mdGmTfTcVkW-wzTUPwRD-RQezh_K-dhatuY4CbYsTslQe8NgArV3OC8PG4QdGtVp6oQcBcy0LOg8McYLa0PHP3s3sNpheS2DTBolNkjiNJ-fUXoc8v0-WE2EWlSrIh_YJhspsuLHeubVsaNgbdwfK0nqJPVUrMnfmQmXUaiSTOjEsQlXZHh4UepXGfp2Ts9g&sig=Cg0ArKJSzCZLvMgHRL6eEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=382&cbvp=1&cstd=378&cisv=r20231206.91137&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame AB47
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20492285957&bidurl=http://www.em.com.br/&ia...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0g2tYdpgUXWq1A4QZ1awDyz&ias_xappb=&adContainerId=brand_safety_5uZ0ZYbEGumcjuwPmuOZiAw&cbFunctionName=goog_wrapCb_5uZ0ZYbEGumcjuwPmuOZiAw&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0g2tYdpgUXWq1A4QZ1awDyz&ias_xappb=&adContainerId=brand_safety_5uZ0ZYbEGumcjuwPmuOZiAw&cbFunctionName=goog_wrapCb_5uZ0ZYbEGumcjuwPmuOZiAw&true_pb=
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id
dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
185354
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 07 Dec 2023 18:45:48 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
-9jhwgBMGteIJXNCdnaMY5Uib_6t87nGln1Yx_2ReybDyEmRnXRw7g==

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0g2tYdpgUXWq1A4QZ1awDyz&ias_xappb=&adContainerId=brand_safety_5uZ0ZYbEGumcjuwPmuOZiAw&cbFunctionName=goog_wrapCb_5uZ0ZYbEGumcjuwPmuOZiAw&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2608 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6905153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
S_5mTsmkYb5VRvqBUHRIYV3u0TI9fngn_FY3jg4AKnDyH9r0jHtDDQ==
khaos.json
token.rubiconproject.com/ Frame 73BA 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
style.css
s0.2mdn.net/sadbundle/1064608057035189096/css/ Frame F29F 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 12:55:20 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame F29F 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2640051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hz36sAKuL7P8%2FdjAR4t3wu7A7hK8WMUbzugOMBpipTOf%2BxX0kQTVV1k62OojpSgpY6szQtSyXHiABs6ciB0uul9ppAXhTzgr9Cv9X4GY7faVyFZXDOxs%2FbnbxrR3nhkzcOQ7IOBfTtPa7j3WD3eAuuzv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83309ac46a546ae2-FRA
expires
Thu, 28 Nov 2024 22:15:03 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame F29F 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1005235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaKOTfZLNuxOuc%2FKHBJtvTGsbouPGDBxJcJzsHY9emgBv%2BVUjd38xdHRD3s1%2FgJCMItbOAz71Iu92BI0Fc6TA%2BIAD11DwIMqMNyECDRUIjJCEm%2FDLs2pPPPey5K9iI9pkoKE1xK0wJMxhF0EVMQ%2BS8%2F6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83309ac46a536ae2-FRA
expires
Thu, 28 Nov 2024 22:15:03 GMT
dyson.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:25 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:25 GMT
arrow.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		429 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 15:14:16 GMT
dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		25 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson-v15s-submarine.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8356
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 12:55:20 GMT
1-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:40:15 GMT
x-content-type-options
nosniff
age
74088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33567
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 01:40:15 GMT
2-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:17:43 GMT
x-content-type-options
nosniff
age
363440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33601
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 17:17:43 GMT
3-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:31:46 GMT
x-content-type-options
nosniff
age
92597
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25911
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 20:31:46 GMT
4-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:18:44 GMT
x-content-type-options
nosniff
age
57379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8971
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 06:18:44 GMT
5-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/5-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:48:29 GMT
x-content-type-options
nosniff
age
5194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12054
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:48:29 GMT
script.js
s0.2mdn.net/sadbundle/1064608057035189096/script/ Frame F29F 		4 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100521
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 18:19:42 GMT
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloXIe,pingTime:-3,time:145,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:145,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:DIV,siq:45%7D&br=c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloXIh,pingTime:-6,time:148,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B140~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:0,renddet:DIV,siq:45%7D&tpiLookup=ao:www.em.com.br&br=c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
__tt.gif
t.tailtarget.com/ 		43 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10258-0&tE=0&tF=&tI=___de_1702160102271_1358891719&tJ=&tQ=em-geral&tU=0100007FE5E6746575062F080204AD1A&tX=b.52&tY=1&tZ=624900532
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloXIW,pingTime:-2,time:189,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:783,beZ:784,mfA:788,cmA:789,inA:790,inZ:793,prA:794,prZ:819,si:827,poA:829,poZ:853,cmZ:853,mfZ:853,loA:930,loZ:934,ltA:971,ltZ:971%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:189,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B181~0%5D,as:%5B181~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:45,sinceFw:143,readyFired:true%7D&br=c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyql9IYFR5n7wv2Qx+zv/1sQVRbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9mjY484ti5uty+6CrYhrapajrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YP5VTwDgNaDaE0Uj8zc8HFAWkv9dLqfckNS24XYsUW3/bCssTHAQMFf9VT/pvZlQ+AOouGsM95za/c6mIaF/Mo8UQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9gbmxG6mx4vuUNB6IosCCauw==&cb=18897596
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqk4szzWnYxzHqnNp0qZ/bL+RbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9mjY484ti5uty+6CrYhrapajrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YP5VTwDgNaDaE0Uj8zc8HFAWkv9dLqfckNS24XYsUW38Xcdk6y0N82/UdCjNBh5fF1cAseAzVY0N2nSRaRaVYvMUQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9gbmxG6mx4vuUNB6IosCCauw==&cb=48971361
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx/1.6.2
4.js
static.adsafeprotected.com/ Frame FA80
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1627455/73523880/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8007001547012283&ias_chanId=1&ias_placementId=20492285957&bidurl=http://www.em.com.br/&ia...
  • https://static.adsafeprotected.com/4.js?xsId=ABAjH0inHVy-3vtOlSXaSaSHhYa3&ias_xappb=&adContainerId=brand_safety_5uZ0ZeOcIvHOjuwP-8maoA8&cbFunctionName=goog_wrapCb_5uZ0ZeOcIvHOjuwP-8maoA8&true_pb=
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?xsId=ABAjH0inHVy-3vtOlSXaSaSHhYa3&ias_xappb=&adContainerId=brand_safety_5uZ0ZeOcIvHOjuwP-8maoA8&cbFunctionName=goog_wrapCb_5uZ0ZeOcIvHOjuwP-8maoA8&true_pb=
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id
dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
185354
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 07 Dec 2023 18:45:48 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
9Bjh2OiIqtYR8UaosHaGeUMb506K2DnqlQs7Z1k0CVHFs5cEf824Wg==

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?xsId=ABAjH0inHVy-3vtOlSXaSaSHhYa3&ias_xappb=&adContainerId=brand_safety_5uZ0ZeOcIvHOjuwP-8maoA8&cbFunctionName=goog_wrapCb_5uZ0ZeOcIvHOjuwP-8maoA8&true_pb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2574 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
6905153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
TiVBMk6lR-OPnC5Z_VM7maZT0YiLZsmrr7EQlb9WNqsa5mrHFOONrQ==
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7FBA 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
48200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 08:51:43 GMT
expires
Sun, 08 Dec 2024 08:51:43 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/1064608057035189096/ Frame D64A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
72002
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1879
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 02:15:01 GMT
expires
Sun, 08 Dec 2024 02:15:01 GMT
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FA80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuIzuRG_7Pp-qLBFsMasiig25TbMRKj16gwthFdrkryak9YfK73ZNEfh4kQe-Lu4hamTSTavHFdDcEOZsGeCPqC3HG7iSGVn0hTKvlzDdlnOr8C8sdn9lsNyjv5qtxze-QOxhcZrnOKWDfS6_GTHt2yhOOg1WZvks5YJ88VrrM5fI8iger9O9XAHvJ9CG19pr3A8yM4FO90266zcpU8NDXhz7mFluQlLa8A5DJE3ycxcV2u-pgxIB4KmkLPqyoN6OaatNF5P42O9ttJqLsKfRA8_jgL_L7ghFa1Wp8_KMtPSEAh6nBukacypib5apgv1r9xVKLQMfd0gWYWYbFAhJV8E--phvdAKq3F1chjzgVwj1kMqC2k8IC5WmpHZs5ETx6SMXiv_7SfAMVN-DPGC5TIWRDjSX3gDGkZiWSpi_C1Wwvl7rfXOdSaG0s2HXRARZPvRuwTYG1EGDdoRI36LvgdYs0_UJrHF16dcDhY-rImkPU_p2MAdcilytHAJ8bGLd75xSpT-ijVgQHqWaohv3DnWY1RqZbhVV_MIEE2PzTHjjMx-y5J-VXBHM8wPKVQAj1FxRexgxGXHlzghRAVGHzqYP_w5SDWcP6l8ZGKHuwTxTLKSVEAT0BUdC-FZFUQrIfoE1-ASqwTVzRm1cVjR2BNstqJ3mEtLIwz2OuJFzLeIjjVe0xl_1yxQy4zxkcGi-bAABeCp9w_kI7Ra9_v32oMT2t5Ndftity-AixVQ8HWJDp2MlP8OmDiTfezZPPSuhBDoqtMyT6RRY70SbxolYFQKbuIQFNO02Adno6j7PVahbjjjWJpCKSQF1dMtPGaJVWFnGnvjLpVpykjLPmV7Jrb-1H4W1O5bFSJjwUg1U_Secr27JffewZzzp5MJImr4eob9UvDppckrAXtWuGXMM1SVAnyeRFnYqdsoR4O2pqdfmUDZbptX-Be7xuCVYKPc_CSkDXt1mMjp6fQmddRiVORKX9dl1nTuFnZ2ZsZUkuDh44emgZzXGjUPZAXccCrgeA7_hcvOBgnx81c2v_cnfhJj9NhVzLX2OrCyd0VZ8R1h-myEk-bk_0qotySbNUZNOkmZSR6dT8trEsAcL1RFIRc5FOj7wj6PjGGiVUCHzyXDemF3ycPzfVrt6lkOzrhDfsI7JnDTBPLMVYWDE6M-rSgAslM6c2MZXtQh-r8i29RdM04cmYGWhVVuaS6e87aQQCYi4MgS2k0GJC0D0XgRgl1dcWCkBgmNYsOiJrO1JDqMpgAoTmDjxdO2PKaMDX7kelfLqFtfvjshPphZWgxJO0yci-5k1sWK_HD1dxovgtPFozKfYWVbhVFAj0b6XpYCAIRam2bnISnajeG7C10At5sSI4rzo96zxXHEcxuGDfHO4gHfvEuER1yA7_dymzOs-5PMS2pc4Q1ioUrJsGncERm6vTuE0&sai=AMfl-YTDtXG12eTs_HKL8C1O2-h0X7juYRMvSWGUo1yUWJpl_asl5aSZxBMicfX7_bjiAoT1St7irD4hVYsfUE02aeRd1ghXqL9VqU37jciv4sayj1gEkN0pyTHw06TFex9Gxha5JqWbdfZAVTy2kKp-UR0E7WcOQeBfg8BmvDRye9capn10EaK6T05cr7H0VM8_OOBvrC7JxfdLJvXrW8Z7ZsJo30pseyO6UwwpcOwN58lBerccmgSOHgWu4HIkHbEqpBUjx5A&sig=Cg0ArKJSzG75e1_auJ8sEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=436&cbvp=1&cstd=434&cisv=r20231206.03262&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame B88F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEFWfhsNo-ObqARN5nWffdcM&google_cver=1&google_push=AXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFWfhsNo-ObqARN5nWffdcM&google_cver=1&google_push=AXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7F...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFWfhsNo-ObqARN5nWffdcM&google_cver=1&google_push=AXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83309ac69d2f9237-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
131
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFWfhsNo-ObqARN5nWffdcM&google_cver=1&google_push=AXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQo81jzgPNPtRmXnkDo_5xvP6iq_pSWPtio-_kjVgTXi1p9s7OzBmdTXsueaqauRIOIov_4Ym_C7JBYl4R-t7msVKP7G7FG%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83309ac57c7e9237-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B88F
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEEla2LZP4J0S1L5XacF8qMo&google_cver=1&google_push=AXcoOmTMG8ftG3s1oBsR8zH3lDZIK-81efJDgyJnahvYVhVjnhvJ8olzrrwfiE1XzjffBEf7vj35qgokHnu...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTMG8ftG3s1oBsR8zH3lDZIK-81efJDgyJnahvYVhVjnhvJ8olzrrwfiE1XzjffBEf7vj35qgokHnuyWiRjOvS8zc8h9L8b&google_hm=KtZFBiRiRpe22X3kIIq-H8c
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTMG8ftG3s1oBsR8zH3lDZIK-81efJDgyJnahvYVhVjnhvJ8olzrrwfiE1XzjffBEf7vj35qgokHnuyWiRjOvS8zc8h9L8b&google_hm=KtZFBiRiRpe22X3kIIq-H8c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTMG8ftG3s1oBsR8zH3lDZIK-81efJDgyJnahvYVhVjnhvJ8olzrrwfiE1XzjffBEf7vj35qgokHnuyWiRjOvS8zc8h9L8b&google_hm=KtZFBiRiRpe22X3kIIq-H8c
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B88F
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPCRYBvv0dJZGPy6ur6eF0I&google_cver=1&google_push=AXcoOmRVg1XR1C0kXg7Fl0G6T-L3pfASBtVQh4WjGIEdC8_eofrTUTz5Vt4CJb163VqwiI0J9axUcScZ7p8n94A8...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uCr8JUlqSCESmO9VYx63lg&google_push=AXcoOmRVg1XR1C0kXg7Fl0G6T-L3pfASBtVQh4WjGIEdC8_eofrTUTz5Vt4CJb163VqwiI0J9axUcScZ7p8n94A8UAZh398nwp49pA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uCr8JUlqSCESmO9VYx63lg&google_push=AXcoOmRVg1XR1C0kXg7Fl0G6T-L3pfASBtVQh4WjGIEdC8_eofrTUTz5Vt4CJb163VqwiI0J9axUcScZ7p8n94A8UAZh398nwp49pA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Dec 2023 22:15:03 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uCr8JUlqSCESmO9VYx63lg&google_push=AXcoOmRVg1XR1C0kXg7Fl0G6T-L3pfASBtVQh4WjGIEdC8_eofrTUTz5Vt4CJb163VqwiI0J9axUcScZ7p8n94A8UAZh398nwp49pA
x-host
tde-deliveryengine-production-5989b845bf-p9shg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adx
pr-bh.ybp.yahoo.com/sync/ Frame B88F 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJBh444fyGCg6vqABLekkqI&google_cver=1&google_push=AXcoOmQkZT-EpHYkbS_JuVJJqjZHga7OMAtmo2alPQCO7gUx0KojJZZztvRHvHyQX80YDlNv3gGJw6jH-V9DiXRKdO2iwvT0BlPmIA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:11b1:8ae0:b180:1e1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dds
rtb.openx.net/sync/ Frame B88F 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGbkbP-NfB45i6UFh4Z1IYw&google_cver=1&google_push=AXcoOmRANjaZd-UNvtZMjyNpEVXJoUhoBXUG_2WyPDneafjniEs7BI5_a6yMIbyktAUxYSlqpV1iEbEuQ2h2O-gyKMO8X73xFMqI7g
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame B88F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPXFzRAGmZyJ22Ega0h1s9s&google_cver=1&google_push=AXcoOmRa6hxTl8fNfWlgLaIu5yumJ249cjwARq8BrB528JovrmEsjsEtDtPdYxaEWnCQaGGiqBC...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZTTZCWEMtNi1CSlgw&google_push=AXcoOmRa6hxTl8fNfWlgLaIu5yumJ249cjwARq8BrB528JovrmEsjsEtDtPdYxaEWnCQaGGiqBC9nFrBhC1KW-sxMC7gU_GsLrgviA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZTTZCWEMtNi1CSlgw&google_push=AXcoOmRa6hxTl8fNfWlgLaIu5yumJ249cjwARq8BrB528JovrmEsjsEtDtPdYxaEWnCQaGGiqBC9nFrBhC1KW-sxMC7gU_GsLrgviA
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBZTTZCWEMtNi1CSlgw&google_push=AXcoOmRa6hxTl8fNfWlgLaIu5yumJ249cjwARq8BrB528JovrmEsjsEtDtPdYxaEWnCQaGGiqBC9nFrBhC1KW-sxMC7gU_GsLrgviA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
/
onetag-sys.com/match/ Frame B88F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEIluAescMrZFzsvgyefa28E&google_cver=1&google_push=AXcoOmSUtlEmUB2yp5b3uXlJ1XSNH9mYF1lbGFTb8n8ao-19Iy41mPZpt1sm9MNSEeyLjaBUiH6OgQrlkAX...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSUtlEmUB2yp5b3uXlJ1XSNH9mYF1lbGFTb8n8ao-19Iy41mPZpt1sm9MNSEeyLjaBUiH6OgQrlkAX0C4-RSQTkYGVdemE5pSw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B88F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUmvMOhaC2lCIUHWo1HDlIRrspsnkVuxcmWKUMiEZT5bOynbnjEfmdSRVYWFPRqUWbZsCCRQ
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame C5EF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
87184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:01:59 GMT
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloXL7,pingTime:-3,time:103,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:728,h:90,t:98%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:103,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B90~0.0,5~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXZ0kcm+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&br=c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloXL9,pingTime:-6,time:105,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B90~0.0,7~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXZ0kcm+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:0,renddet:svg.us,siq:33%7D&tpiLookup=ao:www.em.com.br&br=c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
map
ih.adscale.de/ Frame 1D55 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?ssl=1&format=video&gdpr_err=CMP_TIME_OUT&src=map_js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/map.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.62.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-62-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 09 Dec 2023 22:15:03 GMT
style.css
s0.2mdn.net/sadbundle/1064608057035189096/css/ Frame D64A 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 12:55:20 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame D64A 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2640051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25267
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-62b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Iu75wHWTFYcJn56z7pOz5Kdt10WVd2qlKwaIj78TIov9XrAvkW4X0gkaic24AQUnslgOvdptTHsi40E4G6ia85AvQ%2F0VU9dhM6KORxs%2F%2Fk9IQ8CZqjUVaA0gGOCjWUesXMEJwBPGEncgW9MzqWAKOog"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83309ac5abca6ae2-FRA
expires
Thu, 28 Nov 2024 22:15:03 GMT
CustomEase.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame D64A 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1005235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3299
last-modified
Tue, 01 Aug 2023 16:38:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"64c93515-ce3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BuLx0gK98XAnwzhIXRLdNGQKm01zwyBne6%2BVumkidMUsoTOhwDfxU8OE6Lx14RdAGYHkGpAU86QM8hH0Zo%2BQwnijEKM%2B7AnkChe0bCfdWdW5YZFgyvIE3ZfR1bDK6ZPusMBm3hOhOtIeKD4%2Fl7ahifH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83309ac5abcc6ae2-FRA
expires
Thu, 28 Nov 2024 22:15:03 GMT
dyson.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1076
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:25 GMT
rtbIcon.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		2 KB
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/rtbIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5558
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
771
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:42:25 GMT
arrow.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		429 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 15:14:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111647
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
320
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 15:14:16 GMT
dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		25 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson-v15s-submarine.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:55:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551983
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8356
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 12:55:20 GMT
1-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/1-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:40:15 GMT
x-content-type-options
nosniff
age
74088
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33567
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 01:40:15 GMT
2-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/2-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 17:17:43 GMT
x-content-type-options
nosniff
age
363440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33601
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Dec 2024 17:17:43 GMT
3-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/3-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:31:46 GMT
x-content-type-options
nosniff
age
92597
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25911
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 20:31:46 GMT
4-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/4-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:18:44 GMT
x-content-type-options
nosniff
age
57379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8971
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 06:18:44 GMT
5-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/5-min.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:48:29 GMT
x-content-type-options
nosniff
age
5194
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12054
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 20:48:29 GMT
script.js
s0.2mdn.net/sadbundle/1064608057035189096/script/ Frame D64A 		4 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/script/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:19:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100521
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
930
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 18:19:42 GMT
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloXLQ,pingTime:-2,time:148,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:978,beZ:979,mfA:982,cmA:984,inA:984,inZ:987,prA:988,prZ:1005,si:1010,poA:1011,poZ:1033,cmZ:1033,mfZ:1033,loA:1083,loZ:1085,ltA:1126,ltZ:1126%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:728,h:90,t:98%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:148,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B140~0%5D,as:%5B90~0.0,50~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:33,sinceFw:114,readyFired:true%7D&br=c
Requested by
Host: 6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
URL: https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dysonfutura-book.woff
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F29F 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:55:21 GMT
x-content-type-options
nosniff
age
551982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 12:55:21 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C6887%2Fvideo1%2FVVVBTRVD_em.com.br&description_url=http%3A%2F%2Fwww.em.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1477123679056832&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1748514863&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&url=http%3A%2F%2Fwww.em.com.br%2F&dlt=1702160099794&idt=3243&dt=1702160103348&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw&scor=1045254448027048&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01866a6f12c6e523443381bbdf5081cde46c20e7108827388b0a10c9c23b25fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
799
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:03 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
359
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1702160103.363806,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
95
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2098
view
googleads4.g.doubleclick.net/pcs/ Frame AB47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvDw9NZDZGNPZ03oImiQSQgo8S8ZNibiMSoNTN0iYAD3QMdNL6c9eiRG7hEK6451CBk-HKMTPClpbH1j1nDoUGw7mwXTOzeXI471YHF55SfMsROGuFL4pieWon4gwZwzCaXxVKW1Dwb1DXLgDx5CnFXJJezWWQ-MC_UXdOW74GALP0kOpZr3b4FUT-Op45Fas4LacWhBXx77G6cFQGW61n63T73K-oMtOisEDLN1e_u5Cdz4wKPNRHQeOKPLBdXw8OegB292z2R7ub8s8YYZVFk8HQoj4uj5flcidLIconX84248d_Uk_fvyZ5LowXrD85ge6KMLAMmHESC1HY-zolCjMP9uqKu8KxyXUKyZzt3_MA1ArUx7L1Lz7wfBa4kAYF89Fu94wgHc1bpk_EAF6raboxYgqD1GBRXJhoGDTE6SLPPtUBP_SMDObpfjcTpb_nxvY7CTuIJrmHvqnf_GLwb8o7M-VdJsy4cw5qBovbl65_GIdliAYvfBPV1lH8cnleaCFj8K3HKogSKAgvwsQ5Ebq3nWGw06oLZ--Owp3MUZJj25BBcSCEq7BjLGDEFRenzvFd14yBX9ZJ9riC_X9v6G-5j6IrdJmG2tgN1QTql_QHwbwvuFbhirLO5h1leXkH6uNxJOIGrwW-rdfqUDliy08BBH7qwnNbKmHoQf9i22SAK_C4FF4BphA9ga4ITFY0gQ2EdDSXmImtxyLKGG35RzwYeBv69jpcMsb0wetlcKrX53wlRU9kkTy3LDA41Ywu5u_Eyk7jRekDoq3fkURxLqg_HV7Hv-t-4I908FWWhJPhqIaUPwOhskpyLELdpj1TSqMsoTauUPZAfNYC7VZDGqDjviKgS1ZMDZ-9hrthBU1pCPc_Gek_q83QpcGWv4iIqQSUm0uVMa3sCShHDVcjih8FMYqjasldqA6bHHVXPvlIGlpq8hqMVDT6OpLDPcZ1qq2wA0yMZA9EeAWfAex01r1gIOi11c1hMF-F93TuKD1MiE7AaEFEUMurexLxxVqShkr6gs81ANrYdDGbTaFMwFvJAHicfjTkZ3W9XZVHrUS_-HcjUSsHxxk0UaFlJr-S4Y5OhI153xN69-P2eTPDrLsvq5pMXoRnj8GFX2DBIPpQfqgSYbg-h3jXTbXKwjOL6CkT44PH8i-EqXaho5t9eZsdVYLUXtHofEB_EA-0-KgvSvieu-7eLEqQ4Gwt0Er82-r3ndqCEH-AoShlmqGdc11Hz8Y8CoGq7MfFNKgqaSQQ0oDRMh0p4l4919nAdLVVc2OfHgUK-_YehGboviAoNnlg0Un0wnsqPblLk-7L2oytRosRBmCaWJd9MEvS5cbNBNR7mWeczna8X2GIKj6xqg9__0OTSYcpq2VgInKq8c7gLfuqQQnToeOfcV9R2h-ckISBP3PQyg0qweMxQYgw&sai=AMfl-YRfSGdHlig9BNZKUUNXqzU07sT_wpAOpk1xhvXbY3l2UB8MGG5_C21aAoZ8V-c219mWnz6mdGmTfTcVkW-wzTUPwRD-RQezh_K-dhatuY4CbYsTslQe8NgArV3OC8PG4QdGtVp6oQcBcy0LOg8McYLa0PHP3s3sNpheS2DTBolNkjiNJ-fUXoc8v0-WE2EWlSrIh_YJhspsuLHeubVsaNgbdwfK0nqJPVUrMnfmQmXUaiSTOjEsQlXZHh4UepXGfp2Ts9g&sig=Cg0ArKJSzCZLvMgHRL6eEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=814&vt=11&dtpt=432&dett=3&cstd=378&cisv=r20231206.91137&vwbs=1&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7FBA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
87184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:01:59 GMT
dysonfutura-book.woff
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame D64A 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dysonfutura-book.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 12:55:21 GMT
x-content-type-options
nosniff
age
551982
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7928
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 18:29:21 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 02 Dec 2024 12:55:21 GMT
/
pips.taboola.com/ 		4 B
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220090-FRA
date
Sat, 09 Dec 2023 22:15:03 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
http://www.em.com.br
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
view
googleads4.g.doubleclick.net/pcs/ Frame FA80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuIzuRG_7Pp-qLBFsMasiig25TbMRKj16gwthFdrkryak9YfK73ZNEfh4kQe-Lu4hamTSTavHFdDcEOZsGeCPqC3HG7iSGVn0hTKvlzDdlnOr8C8sdn9lsNyjv5qtxze-QOxhcZrnOKWDfS6_GTHt2yhOOg1WZvks5YJ88VrrM5fI8iger9O9XAHvJ9CG19pr3A8yM4FO90266zcpU8NDXhz7mFluQlLa8A5DJE3ycxcV2u-pgxIB4KmkLPqyoN6OaatNF5P42O9ttJqLsKfRA8_jgL_L7ghFa1Wp8_KMtPSEAh6nBukacypib5apgv1r9xVKLQMfd0gWYWYbFAhJV8E--phvdAKq3F1chjzgVwj1kMqC2k8IC5WmpHZs5ETx6SMXiv_7SfAMVN-DPGC5TIWRDjSX3gDGkZiWSpi_C1Wwvl7rfXOdSaG0s2HXRARZPvRuwTYG1EGDdoRI36LvgdYs0_UJrHF16dcDhY-rImkPU_p2MAdcilytHAJ8bGLd75xSpT-ijVgQHqWaohv3DnWY1RqZbhVV_MIEE2PzTHjjMx-y5J-VXBHM8wPKVQAj1FxRexgxGXHlzghRAVGHzqYP_w5SDWcP6l8ZGKHuwTxTLKSVEAT0BUdC-FZFUQrIfoE1-ASqwTVzRm1cVjR2BNstqJ3mEtLIwz2OuJFzLeIjjVe0xl_1yxQy4zxkcGi-bAABeCp9w_kI7Ra9_v32oMT2t5Ndftity-AixVQ8HWJDp2MlP8OmDiTfezZPPSuhBDoqtMyT6RRY70SbxolYFQKbuIQFNO02Adno6j7PVahbjjjWJpCKSQF1dMtPGaJVWFnGnvjLpVpykjLPmV7Jrb-1H4W1O5bFSJjwUg1U_Secr27JffewZzzp5MJImr4eob9UvDppckrAXtWuGXMM1SVAnyeRFnYqdsoR4O2pqdfmUDZbptX-Be7xuCVYKPc_CSkDXt1mMjp6fQmddRiVORKX9dl1nTuFnZ2ZsZUkuDh44emgZzXGjUPZAXccCrgeA7_hcvOBgnx81c2v_cnfhJj9NhVzLX2OrCyd0VZ8R1h-myEk-bk_0qotySbNUZNOkmZSR6dT8trEsAcL1RFIRc5FOj7wj6PjGGiVUCHzyXDemF3ycPzfVrt6lkOzrhDfsI7JnDTBPLMVYWDE6M-rSgAslM6c2MZXtQh-r8i29RdM04cmYGWhVVuaS6e87aQQCYi4MgS2k0GJC0D0XgRgl1dcWCkBgmNYsOiJrO1JDqMpgAoTmDjxdO2PKaMDX7kelfLqFtfvjshPphZWgxJO0yci-5k1sWK_HD1dxovgtPFozKfYWVbhVFAj0b6XpYCAIRam2bnISnajeG7C10At5sSI4rzo96zxXHEcxuGDfHO4gHfvEuER1yA7_dymzOs-5PMS2pc4Q1ioUrJsGncERm6vTuE0&sai=AMfl-YTDtXG12eTs_HKL8C1O2-h0X7juYRMvSWGUo1yUWJpl_asl5aSZxBMicfX7_bjiAoT1St7irD4hVYsfUE02aeRd1ghXqL9VqU37jciv4sayj1gEkN0pyTHw06TFex9Gxha5JqWbdfZAVTy2kKp-UR0E7WcOQeBfg8BmvDRye9capn10EaK6T05cr7H0VM8_OOBvrC7JxfdLJvXrW8Z7ZsJo30pseyO6UwwpcOwN58lBerccmgSOHgWu4HIkHbEqpBUjx5A&sig=Cg0ArKJSzG75e1_auJ8sEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=640&vt=11&dtpt=204&dett=3&cstd=434&cisv=r20231206.03262&vwbs=1&arae=0&ftch=1&adurl=
Requested by
Host: www.em.com.br
URL: http://www.em.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2be14ecd1d08b798eb20e6aa2d3c0c86ceb57908ddcf657590bf99339fc222fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12399
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVVBTRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160103579&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Dec 2023 22:15:03 GMT
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloXQK,pingTime:-10,time:673,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1702160103618%7C%7C6a5bdb0b6f037a045789d58f6dfc26f0%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1a92a48ea56f00c9622f9ebb838b7aca%7C%7C650215f0b056b38e570df2c1d2c194d5%7C%7Cb1fcb00f0421f27f128ae5bde9db964e%7C%7Cd06413aa2309774d68c4c06bcd4cf32b%7C%7C871e35884bc4858fd04ca4f51251d7a2%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 7F5D 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lpym6d3q&c=2033634996664&slotId=1016817498332&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVVBTRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160103671&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5EF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BN9a75uZ0ZYbEGumcjuwPmuOZiAwAAAAAOAHgBAI&bg=!jY6ljsHNAAY3kmNgF5I7ADQBe5WfOOI4qVaPHO1gseaywhiR91GLpdcIkfd9rjCDsP6QXEshQ7aYNW17I0pcpf20LdSsAgAAAQZSAAAAA2gBBwoAZSLu8UCBudcRDhi_PJDP3LyLDAxNg36IZWxTxwCYoQfP5yYKApXFkcQtdl5OOhKq8PlG2892nD4ypGSm9cbHDoV1Q1N67Xd962YUqTmUeaiuk-jhpkXnk5hwS7HfOQB8PdjN1KYqmQMpfRQvdtlrIclj9Bek4MA4Gh1UNbpxOF8J8dJkzTDS5lNm_H7EsFsax5a5MjgMylGP3mV74yJXEsIF6SbaYAJC7h2lSFhYXNAryF2LUg-X4_RAEuApO6H6pKweqOOc4fHhT1UHEG4aCXjvX9taG4qKiKGaCxsPE7NlRfsX8tDhfpait_4d7XylbxhkMs0GqaREGRubgRU1bgmVM1mNYxQV4lDf7_hwGDTYayvQvPUT2JXHF2e5G7O1EV8gIdwH2ah_jpJ0YEzHieY4ykERFqDQsNZgqj0xsMj5Ncx3bFlfpeSjLW80fXyHm-N9zxjgkbMvRqVscGoN8YiP81vzJgypd-rQKblm8VlAPGkQg6dYwGOZ3PwCUHrt2Cj4zFsjbY651ghyXv-adSeGJvijn3tJfgUwWMCdOudrIoHT--ufYC5kFLB3PdcueYez1Hq24DykR8KUOwBLGdJthv6s9NS9p5g35n6X9HmfHy-dH6hzPgr1UdwG9tfyXQH_AjUQ2_lGzO0-OC-TC4Wb4VVzedj8jfpiUYHaP1aQIhpbRnPN4LzPzcd0oiy8tHtY5kTMGaU4wErOtVgy54Jx-0iX-YfZlT06pI6fhyRXTMLR25GTCYCmgT0FE-fjB6qvdhTuxbX6YQeiQqG_4OmzYWimmObFtV1T92Ns6e1egwiftRGxZt-fvOxp-bZ5eBSZBWFS0g8tLeMo9Cb5H1-AaYtq-dCxlTSPcs77GQgQtKeCKYckgEH6yAm6W6w4J55PdQebSf58eo3WomTEIkOQQZjn6_Zg5UCRotwwPia9r0FEl9tM_OMUh3ZIbhhY0Y3Va8jBsqU-DBUS6ah7Y0w37NqXZQOc1bQgjPq5XQU1_kIuwT7Y1xfrIkvEhvPmyhrk0lUrwv9q0BLSaB-uC1xz0ULfEp15nAPVKMJ8IFEdspsd7r1V-CIxDVMUBsHM3zivkMOumhngNsD_V215hUsQ3GdEXXsrnBUv6NsoGweVwhKQHFnyYxDW1K1tZye7C_ZG2RrXqHLP7Nm1G2p1buynyOHxFAL4eiL_fu2kPEv4lxan7yQtUAXtLO2DM9-Ycjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 487D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5560
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:42:23 GMT
expires
Sun, 08 Dec 2024 20:42:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EC23 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b84304e1bba117beb11784bf6206dff5e402dede2570f97cde03e1eb05c3f995
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ov3LROmcukfJ169A-i-YvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Ov3LROmcukfJ169A-i-YvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 22:15:03 GMT
expires
Sat, 09 Dec 2023 22:15:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 09 Dec 2023 22:15:02 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
28410
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1702160103.879636,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
27
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12768
c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer

Response headers

x-amz-version-id
3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding
gzip
via
1.1 varnish
date
Sat, 09 Dec 2023 22:15:01 GMT
x-amz-request-id
Y67JKMS6K9CH728E
age
52
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1502
x-amz-id-2
B33MDroMXoHRPwonNfdEh7OgYAkG+9quij2d4vHLtZt++OAYVXybtbzTWUc4srBuEnmtpxf4yE0=
x-served-by
cache-fra-eddf8230041-FRA
last-modified
Sun, 10 Jun 2018 13:23:55 GMT
server
AmazonS3
x-timer
S1702160101.355742,VS0,VE0
etag
"11d8569a7da0739259e3ac0b0d666e94"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
73
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
22
activeview
pagead2.googlesyndication.com/pcs/ Frame AB47 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqj--8KzHhkUz2UlKzj2ZTWkt13stpkeB32x3X-Vk5oixgwTLWPOswZrpsuc0I8JtC2wre7k8zIO2j0swlkUOdDmBYDLxKXQGN4J2CoJTv0qLVs-m-LLZ483HcTcKmsthBxDiSayiuCY9c&sai=AMfl-YSkF9PPLkW9pOEgJ8-C-SJLs7pHvA4Qx4vzdnFqsGYaC_bEvVv9MdJFDDitCvWFJANm4jCRmB5PUePLef8pu__KFhc0bXzPKhm0wx6SzXMjY1vAj4HZX6STbnOJ6crhehaFNVAKMXs&sig=Cg0ArKJSzEIzF-70jWPLEAE&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&id=lidar2&mcvt=1026&p=1110,436,1200,1164&mtos=1026,1026,1026,1026,1026&tos=1026,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1060018158&rs=4&la=0&cr=0&vs=4&r=v&rst=1702160102162&rpt=540&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EC23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=2205472116647278&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FBA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEzZS5uZ0ZeOcIvHOjuwP-8maoA8AAAAAOAHgBAI&bg=!Xl2lXRLNAAY3kmNgF5I7ADQBe5WfOGO8R76Jxy3h44VLSHo6wKPswQRS3yTrZUlIOynPULWzb2wavOxJJkj8rSHf3qk2AgAAAS1SAAAABWgBB5kDRGPUSpqbIMhP9sbtNFBK3P1LsxDMoBdx1w907CSToKjMvJLIC6YPqHVQmjek3jQgUh55VWqBlhFW3Q4CaMvaMLvx0Ne-w6IdVAq93bQPOkm9jGWauCy9q99y5lPCnd1ibAAtk-B6a_W9FvbovTEIzBtGBjwS3rI2RTETFhZNGkrdIsFVxKkhckcL6AjLJMcQTJvqi0-1qV0szCL0AOaGMdRkmg9z3FBslljBpHeRi8AqrLTftmalMpOxQR_pDoHKFiCdPIHVp1dlqAF96n4DdLx_OqjoQnkrUfAQ4gx7LuNxdvoow0dRmtJCL-Lp2bSRMJSvxudhXHa6EtIenuGh6xtyXJ-AWA6lmv-SKFZwakX20XrXChKbPquVK5Jwss4c8tUE-NAJIXyJMOza76y1jStRD7PK9YXwvNrqx07mBxXh-7JWZXuAw23wnq36iCbAk0EqA481ltXSHbrIsS7_afxG1Y5CvSuKU6erzcXzyEmNU-Jl3nVj7notfe-Dss4OQjbUAusgCA4mTfJgSJUCWyyR5KzWIQoC_juicodpbSRrA2PW21uRntz0_xKXHE7WloMe8WYrUqwJUiIfKlcFLj8zmVVVwjLFKWa7qwp19m9cW33PiGo_OOa_yPozAPwstB7V5pfc4b0iYD_tWe96vFFSukxkOSY4HU0TlUKnft8SLMQJdIw2aXGVWT3_wuOVgEaWg9n8LUe4ZQpyp3I0Loa6p9D9fIetqUFNC5-XfDm9vS9QEChj8-nXTxRDlnxnzOOizpLqpEGHERi4OT7uRpC1XTr4SXATz18jfBor7CTow4xC5A4yCs431Fao_DQ-94viP4x3PnIRlEF8oxaDoyyu2LOsLDAsCdkvNGhLPeAI1CWcV6ssvPADKr8mf5L7QD7Ng5uNRGTwOg0HiEcCmZC_oOc3RTuQxaOtbRDXekMjkgE5KSaer5WOOXQ-VVM2CaWIsTqxHZ-DIJrW5OrCRT7aZBxlEZ-SLhUnd36HJI_KSOpDMdHVklRRurF4lZrOMewGoCWu4u-5A2JmFiTUQTRPQ3icbHwBRlZsA5sEe3dPnaS0nuIC02P43R3ranS__rc9UWrRvEiL5QVAjaSareFuhAZY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 487D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
87184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:01:59 GMT
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloXUF,time:695,type:e,im:%7Bpci:%7Btdr:544%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:695,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B687~0%5D,as:%5B90~0.0,597~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:33,sis:237%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
generate_204
tpc.googlesyndication.com/ Frame 487D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MhTLwQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloXXh,time:1078,type:e,im:%7Bpci:%7Btdr:1009%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1078,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0%5D,as:%5B1070~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:123,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:45,sis:409%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame FA80 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyaD33L165EgPmrmgeoFVVVCd81bIbCXkyhFVyxqazn5vYYgOlhRlgR33-muwtGWWZ0eVqQbwBfSSbdPj6HFjA7AeMF5zdPhCiV_4hTRtTsH-OOiE1jRs_-AvOL9hv-bXPbAX3qs15hONk&sai=AMfl-YTaW-Q4swA0RMJoGujr9_4Lnkg8RN1cTYTVjTn3lvStvDrWJUvCFwHv7V7YbDiGReULmw3cMCe327gu3AkcrRbSeFLpD6UOTKf1UTfDLiVJ_fAUTthBOWIu4C0E4ELDcDoNcIClZTw&sig=Cg0ArKJSzL5faJtel_B4EAE&cid=CAQSPADICaaNJk0QsoOBIbZhkYIHGDe-J_znjhXWr3VVqhxBxY6srt3iZu7CZvJFXQRNzDDqd2EKqtFL9UFgHhgB&id=lidar2&mcvt=1003&p=378,436,468,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3239016431&rs=4&la=0&cr=0&vs=4&r=v&rst=1702160102188&rpt=728&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVVBTRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160104101&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev
s.seedtag.com/e/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyql9IYFR5n7wv2Qx+zv/1sQVRbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9mM79eCFjetwVbTjIjg++APDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YEE0IGVL4e0lOrt0KdLSwS3IX1dszhM1tc8eywCrkwIlW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNDtKXXM6hRRkqZL9OC4rk3CFSUqMNHlWpOYICSqcpy3M=&cb=47366115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqk4szzWnYxzHqnNp0qZ/bL+RbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9mM79eCFjetwVbTjIjg++APDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YEE0IGVL4e0lOrt0KdLSwS3IX1dszhM1tc8eywCrkwIneTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNDtKXXM6hRRkqZL9OC4rk3CFSUqMNHlWpOYICSqcpy3M=&cb=95502899
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
server
nginx/1.6.2
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C6887%2Fvideo_1%2FVEGATRVD_em.com.br&description_url=http%3A%2F%2Fwww.em.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1477123679056832&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1748514863&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&url=http%3A%2F%2Fwww.em.com.br%2F&dlt=1702160099794&idt=3243&dt=1702160104163&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw&scor=1045254448027048&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloY2b,pingTime:-10,time:1161,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1702160103618%7C%7C6a5bdb0b6f037a045789d58f6dfc26f0%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C1a92a48ea56f00c9622f9ebb838b7aca%7C%7C650215f0b056b38e570df2c1d2c194d5%7C%7Cb1fcb00f0421f27f128ae5bde9db964e%7C%7Cd06413aa2309774d68c4c06bcd4cf32b%7C%7C871e35884bc4858fd04ca4f51251d7a2%7C%7C1663701684,sca:%7Bspg:2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 7F5D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lpym6dpa&c=2033634996664&slotId=1016817498332&ghmsh_eids=44772139%2C44777649%2C44781409%2C44804291%2C44806075
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyql9IYFR5n7wv2Qx+zv/1sQVRbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9m+FVr0vePEPs7RA7l4+OuSjrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ydv3o5FNNg6w9MGsEpsTiYm7w+gRSTDk1BIN+GsF0ooRL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1JqFaaMmASW9kD9EHLrLcx/gwOqLVeFi3yrPG+ZbNSXXY=&cb=20838114
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqk4szzWnYxzHqnNp0qZ/bL+RbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9m+FVr0vePEPs7RA7l4+OuSjrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ydv3o5FNNg6w9MGsEpsTiYm7w+gRSTDk1BIN+GsF0ooRogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1JqFaaMmASW9kD9EHLrLcx/gwOqLVeFi3yrPG+ZbNSXXY=&cb=61127952
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
server
nginx/1.6.2
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		6 KB
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C6887%2Fvideo1%2FVVEATRVD_em.com.br&description_url=http%3A%2F%2Fwww.em.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1477123679056832&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1748514863&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&url=http%3A%2F%2Fwww.em.com.br%2F&dlt=1702160099794&idt=3243&dt=1702160104430&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw&scor=1045254448027048&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46f38359488d0624cedf0a83c97ed4b99b01d2e07f3ad9c0c14deebfd2ccb9c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
804
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=2205472116647278&bg=!xMelx4jNAAY3kmNgF5I7ADQBe5WfOKP5vCGryzzp7_Cb3smTVgQ1JJAeoiU0PRsRtXrhljBnzpG7jpyfv1CudlBg-EibAgAAAHNSAAAABGgBB5kDAB2PtZW3vAjtXBc_jnHitdKE_xGSd-jx51oH1USIoYc2I0pEZeNhFSNh9WuI8FMXvTQwudhapLTuRycfG1pvDFN2e6f1IuV3pb2rk56-Y9IMlorXi--OdKXIqMnwms_uHBSwEi3qX5PwkkCxzdzmo8j0jdW-YRdCbRpOc48msxfc6DPns5KH8uCXs0WagGW99SMrZdecQpMv_L-YAFt7Nm6SUKt7oL5ueh5Buh1CEqs0_fjEUSekcaGVV-QbJ9kmyJqDRyAXz3O6p25hR4iLY2HbOMW1E92TADcHYAuavbu5XiOpd8f6FOOlu1Qtx2-7asEvj3eA3_Zbb6IvEl7Fn2aICbUAsqN29PWe7ncNGE9YT7ZJK5XeiMmOaImxsZoZ9aJxgyrbtGUd7PAnShqfebyrWigiWWjZH4XoWclEJp-_Gcoqu59BLQW7ldJk9RNO2o16NsSGsg6UVvAQ7Nwqs5tJDrdOBdqTXAHWYaiwjidItibqdh_QdkxJSrL4wg_u7hCAe0RdhzreAje-ASMOyUHQ_fIcK8MG23x0m0LMIY3dHkAg9Huc3inWTjiiSErm1w4Bn4C2RR2if2oivQjVyCWW9dob_TLYpnx-qdOzcFV4N8kdv2qu7FWv6POsL3FegF0kGXQFGMpxJXczMrP01LMNp4Ce53ie4ehyg8hsa37vHaQivhZE9wamaO_Sp5NnQGbAl8G5GUyszLi-dt0_dAgsCXKpKwkP6zZ0aFbk58XVopPn1HrRNkxyq9ZgHabgIrm9zOs8O3OEuv06GVPpwtkKcn_uiQLHVStnIdewnSz-kwaMRZ7gdO2Y_CvGLfQJjDqNTI7JWyj_ID0G2c2fe3QFn_yZP819urLadEkiEEXx_1PTY3mX4InIrAgs19wtmAxx2FpBrCyDdh1FzuSjzFNDomEYqYTeMlCekZKfTDnaQoxgXX4bAT_szlXpOMTjKjNavjwD-EmPplWvU--ckwnYKItZnbCsJLXzg_N5OXN9jGXFeMCVb9fJ4rkmgAcSlg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB47 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5253653239406&version=m202309260101&ct=76&x=1&cor=1326240916652174600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA80 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3527801881658&version=m202309260101&ct=76&x=1&cor=8962062580978825000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=01BW59M51Rc5Be5
52 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=01BW59M51Rc5Be5
Protocol
HTTP/1.1
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
52
x-mnet-hl2
E
Expires
Sat, 09 Dec 2023 22:15:04 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:04 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=01BW59M51Rc5Be5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
cs.media.net/ 		52 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Dec 2023 22:15:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
52
x-mnet-hl2
E
Expires
Sat, 09 Dec 2023 22:15:04 GMT
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.82.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-82-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=932e5778-8bba-459a-a5a6-8d2d60784c5c&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=932e5778-8bba-459a-a5a6-8d2d60784c5c&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Protocol
H2
Server
23.52.120.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-120-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 09 Dec 2023 22:15:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Sat, 09 Dec 2023 22:15:04 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=932e5778-8bba-459a-a5a6-8d2d60784c5c&gdpr=1&gdpr_consent=${GDPR_CONSENT}&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1163314
content-length
0
expires
Sat, 09 Dec 2023 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVEATRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160104595&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVEATRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160104652&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVEATRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160104931&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyql9IYFR5n7wv2Qx+zv/1sQVRbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9mE3ZJvfF7vsT5S3oAna7e0DrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YpJrTZRNy3PqyxdhLGXhqRDPgudOT+4BGsLhmApIu7UJW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNDtKXXM6hRRkqZL9OC4rk3CFSUqMNHlWpOYICSqcpy3M=&cb=21880924
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqk4szzWnYxzHqnNp0qZ/bL+RbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9mE3ZJvfF7vsT5S3oAna7e0DrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YpJrTZRNy3PqyxdhLGXhqRDPgudOT+4BGsLhmApIu7ULeTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNDtKXXM6hRRkqZL9OC4rk3CFSUqMNHlWpOYICSqcpy3M=&cb=42370422
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx/1.6.2
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C6887%2Fvideo_1%2FVEBATRVD_em.com.br&description_url=http%3A%2F%2Fwww.em.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1477123679056832&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1748514863&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&url=http%3A%2F%2Fwww.em.com.br%2F&dlt=1702160099794&idt=3243&dt=1702160104996&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw&scor=1045254448027048&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloYfh,pingTime:1,time:2194,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:43%7D,%7Bpiv:100,vs:i,r:,t:1192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1184~0,0~100%5D,as:%5B1184~728.90%5D%7D%7D,%7Bsl:i,t:1192,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:93,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:45,sis:409%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx
x-server-name
dt23.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloYfh,pingTime:1,time:2194,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:43%7D,%7Bpiv:100,vs:i,r:,t:1192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1184~0,0~100%5D,as:%5B1184~728.90%5D%7D%7D,%7Bsl:i,t:1192,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:93,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:45,sis:409%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyql9IYFR5n7wv2Qx+zv/1sQVRbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9m6EutceD4CQjTrXI+NARArzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Y5E1sdsDj6/9YaLwIZ1kO4MrmYp9I5o+1PfViI91RdN7AzZkK5rVmXwF5tfuZVgpVc4dR8NTFGgwSGYL8pzC7sQPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ3qbASlJoo3+FgmmPzqqeJg==&cb=56610519
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx/1.6.2
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqk4szzWnYxzHqnNp0qZ/bL+RbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9m6EutceD4CQjTrXI+NARArzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Y5E1sdsDj6/9YaLwIZ1kO4MrmYp9I5o+1PfViI91RdN59MHKF4zqXSXtQLxb6aNhReTFP+w1BH9yXSV5LQnQlDwPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ3qbASlJoo3+FgmmPzqqeJg==&cb=44897584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx/1.6.2
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		6 KB
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C6887%2Fvideo1%2FVVVATRVD_em.com.br&description_url=http%3A%2F%2Fwww.em.com.br%2F&tfcd=0&npa=1&sz=1x1%7C400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1477123679056832&vad_type=linear&pod=1&pmad=2&pmnd=0&pmxd=120000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=1748514863&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&nel=0&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&url=http%3A%2F%2Fwww.em.com.br%2F&dlt=1702160099794&idt=3243&dt=1702160105151&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw&scor=1045254448027048&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
915fcfd12e4199f970f19c3e0106b3b9387bf45df4c62722fbade10208be9e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
804
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVVATRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160105210&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		111 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVVATRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160105262&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ccbd47cf14ab7da85c575857ecbac28f7185fdf6f37314f7184c843bac7c77f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19534
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloYix,pingTime:1,time:2175,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:728,h:90,t:98%7D,%7Bpiv:100,vs:i,r:,t:1174%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B90~0.0,1077~728.90%5D%7D%7D,%7Bsl:i,t:1174,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:95,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:33,sis:237%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA80 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloYiy,pingTime:1,time:2176,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:728,h:90,t:98%7D,%7Bpiv:100,vs:i,r:,t:1174%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B90~0.0,1077~728.90%5D%7D%7D,%7Bsl:i,t:1174,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:95,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:33,sis:237%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame 7F5D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=3~lpym6eaw&c=2033634996664&slotId=1016817498332&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=GOZkn7qL2KM&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7F5D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=4~lpym6f55&c=2033634996664&slotId=1016817498332&qqid=CL6NtcOwg4MDFRmW_QcdbSMBGg&gqid=6eZ0Zda7ENGl9u8PiMqWsAY&fb=ima_html5-lima&sdkv=h.3.608.2&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&met.4=ghmsh_s.lpym6f57~ghmsh_s.lpym6f58&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=OGS51HmRNlsQ7yMv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44804291%2C44806075&id=ima_html5&c=2673353202387128&domain=www.em.com.br
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7F5D 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-8787923930478618
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:00:02 GMT
x-content-type-options
nosniff
age
903
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 22:50:02 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgnf66eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEzQJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwnd6YmbpYAv_SWdSyu7JA1eMibnuP7NUqqOe5mOUQjXDiBaeIqe0YCZS9EpucHXABKveg-K1BOAEAYgFt9TjkkygBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOljc_LPDsIODA7EJSHXynh8zAPSACgOYCwHICwHQCw6iDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtoMEQoLEMCPltKbq8rssAESAgEDmg0BDqoNAkxUyA0B4g0TCJWmtMOwg4MDFRmW_QcdbSMBGtgTDYgUAdAVAZgWAeIWAggB-BYBgBcB&sigh=O2BUHsk81B0&label=show_ad&sdkv=h.3.608.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjY3OTAxNjk0MDIMNjgzNDA1NjM4MjE2QPYBUiMQDyUAAK5CKAE6C0dPWmtuN3FMMktNQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 7F5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cdppu6eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEygJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwi97uEHlIqbZ26yJU7AmmkRkbMU38tVxoD2VyHsQuci_UdFmDIusqdjTqqXABKveg-K1BOAEAYgFt9TjkkySBRAIEhAFGA8wo7Gv1PuTmfMYoAZUgAfM0ITXAagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ58qxBKgIAdIIHwiA4YBwEAEYHTIC6wI6AoBASL39wTpY3Pyzw7CDgwOaCf0BaHR0cHM6Ly93d3cuaGVyby13YXJzLmNvbS8_aGw9ZW4mZGVsYXllZHNpZ251cD10cnVlJm54X3NvdXJjZT1hZHhfYWR3b3Jkc3lvdXR1YmUuaHdfd2JfdXRfLS5jYy13d18xMGxhbmcuZy1hbGwuYS0yNTU0LmF1LWludF9nYW1lcnMub3B0LXB1cmNoYXNlLmNvbS1uZXdhYy5scC1kZWxheWVkLmNyLWh3X2R1bmdlb250cmliYWwyYl9IX0VOXzg3LmR0LXlvdXR1YmUuY2lkLTIwNDQwNDc2MjE1LmFnaWQtMTUxODcxNjE0NzYzLmNzZC0wNDEyMjMuLYAKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC4g0TCJWmtMOwg4MDFRmW_QcdbSMBGsITBhicr_uoAtgTDYgUAdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTU3Njc1NjMxODc5MzYwMDYYqLx4&sigh=R4b99HUsmMY&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNZ2vUJ-Fnmy3B6vOmg-Vz1Z1On3LS162ziW9J9X2NRVUekvxoMDnJ61sh2jJB92O7q7fJIDP7FRgB&vt=10&sdkv=h.3.608.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYyMjY3OTAxNjk0MDIMNjgzNDA1NjM4MjE2QPYBUiMQDyUAAK5CKAE6C0dPWmtuN3FMMktNQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1PyqnnqFmLScPb6H3RmCRPXBlz05MG5WynEw1IlZcXXYb3nc5mjT2kDNUvaVgeU0ZpiAWoxYPPA4XXpTVqEi0xUXdcAj1inIMMwgQggfGbx3XlknJtau2QVitgKLvV+OaQ1W5lD/6/y4dgwvMHCmwafp6hK3i62nMpIoqqHXvrzq75kq7s+iU+MYv++iv+GmEI9W1DFUVrCL7KqhiktQ3WMJ9Fr/wCviwQTqKLlIBWRprc1RnOGi3RLIi7jWhy1X/abAssqLTyTCEC2GW1sUuDiSDmK3vtaL0Za2KmYp3hgP3cVBs7ConJmPNYBb9jWrknTPbTfxhUMHZufgdsVe12AW+X4xCZUp6MpNp4N4WDCjkHXQ==&cb=71537748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx/1.6.2
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=1~lpym6cwq&c=2033634996664&slotId=1016817498332&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-4g5lznls.googlevideo.com/ 		4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5lznls.googlevideo.com/videoplayback?expire=1702188905&ei=6eZ0ZdW0G_nLi9oP_I2vuAw&ip=2a01:4a0:5a::9&id=18e6649fba8bd8a3&itag=22&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=V9&mm=31&mn=sn-4g5lznls&ms=au&mv=m&mvi=3&pl=29&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=87.028&lmt=1697188338369484&mt=1702159744&cpn=OGS51HmRNlsQ7yMv&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=ANLwegAwRQIgDNB5ijQn_HpkD0w3Z-ve5ToY37g_RuGUyyiMnp7L8gcCIQDNlArIXdTLoG3_3CQdB2XqY5vZEpoMCFvZPmdBACo-Dw==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AM8Gb2swRAIgJbY-wjLWdq90NVDUH8BENpuIy1zm5xeuhser40q1mhwCIHHBQb0BW4xMSSbdaQjxBkyJsXTvBLGJZbB5TSnWWqNa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:26::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.em.com.br/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Sat, 09 Dec 2023 22:15:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 13 Oct 2023 09:12:18 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-6238285/6238286
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
6238286
Expires
Sat, 09 Dec 2023 22:15:05 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 7F5D 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2Fvideo1%2FVVVATRVD_em.com.br&sz=1x1%7C400x300%7C640x480&url=http%3A%2F%2Fwww.em.com.br%2F&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=http%3A%2F%2Fwww.em.com.br%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=C355DB27-1B23-4037-81E5-B1F11D27935B&adk=1748514863&correlator=1477123679056832&ctv=0&dlt=1702160099794&dt=1702160105564&ged=ve4_td6_tt3_pd6_la6000_er1200.960.1560.1600_vi0.0.1200.1600_vp0_ts1_eb16491&idt=3243&is_amp=0&npa=1&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=1045254448027048&sdk_apis=2%2C7%2C8&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44804291%2C44806075&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=6887&kfa=0&tfcd=0&top=http%3A%2F%2Fwww.em.com.br%2F&loc=http%3A%2F%2Fwww.em.com.br%2F&cookie=ID%3Ded30445369e3ec21%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA&gpic=UID%3D00000d111056c9e0%3AT%3D1702160100%3ART%3D1702160100%3AS%3DALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7F5D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=5~lpym6f5a&c=2033634996664&slotId=1016817498332&qqid=CL6NtcOwg4MDFRmW_QcdbSMBGg&gqid=6eZ0Zda7ENGl9u8PiMqWsAY&fb=ima_html5-lima&sdkv=h.3.608.2&ppt=truvid&ppv=1.0.0&mrd=4&aab=1&itv=1&ua_e=1&met.4=ghmsh_s.lpym6f5b&htp=1&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::5e Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cgnf66eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEzQJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwnd6YmbpYAv_SWdSyu7JA1eMibnuP7NUqqOe5mOUQjXDiBaeIqe0YCZS9EpucHXABKveg-K1BOAEAYgFt9TjkkygBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOljc_LPDsIODA7EJSHXynh8zAPSACgOYCwHICwHQCw6iDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtoMEQoLEMCPltKbq8rssAESAgEDmg0BDqoNAkxUyA0B4g0TCJWmtMOwg4MDFRmW_QcdbSMBGtgTDYgUAdAVAZgWAeIWAggB-BYBgBcB&sigh=O2BUHsk81B0&label=video_ad_loaded&sdkv=h.3.608.2&vci=Co8BCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjI2NzkwMTY5NDAyDDY4MzQwNTYzODIxNkD2AVIjEA8lAAC4QigBOgtHT1prbjdxTDJLTUIJZ29vZ2xlYWRzUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 7F5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Cdppu6eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEygJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwi97uEHlIqbZ26yJU7AmmkRkbMU38tVxoD2VyHsQuci_UdFmDIusqdjTqqXABKveg-K1BOAEAYgFt9TjkkySBRAIEhAFGA8wo7Gv1PuTmfMYoAZUgAfM0ITXAagH2baxAqgHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ58qxBKgIAdIIHwiA4YBwEAEYHTIC6wI6AoBASL39wTpY3Pyzw7CDgwOaCf0BaHR0cHM6Ly93d3cuaGVyby13YXJzLmNvbS8_aGw9ZW4mZGVsYXllZHNpZ251cD10cnVlJm54X3NvdXJjZT1hZHhfYWR3b3Jkc3lvdXR1YmUuaHdfd2JfdXRfLS5jYy13d18xMGxhbmcuZy1hbGwuYS0yNTU0LmF1LWludF9nYW1lcnMub3B0LXB1cmNoYXNlLmNvbS1uZXdhYy5scC1kZWxheWVkLmNyLWh3X2R1bmdlb250cmliYWwyYl9IX0VOXzg3LmR0LXlvdXR1YmUuY2lkLTIwNDQwNDc2MjE1LmFnaWQtMTUxODcxNjE0NzYzLmNzZC0wNDEyMjMuLYAKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC4g0TCJWmtMOwg4MDFRmW_QcdbSMBGsITBhicr_uoAtgTDYgUAdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTU3Njc1NjMxODc5MzYwMDYYqLx4&sigh=R4b99HUsmMY&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNZ2vUJ-Fnmy3B6vOmg-Vz1Z1On3LS162ziW9J9X2NRVUekvxoMDnJ61sh2jJB92O7q7fJIDP7FRgB&sdkv=h.3.608.2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 7F5D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:50:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 20:50:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F5D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.608.2&e=44772139%2C44777649%2C44781409%2C44804291%2C44806075&id=ima_html5&c=2673353202387128&domain=www.em.com.br
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3qs06eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEygJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwi97uEHlIqbZ26yJU7AmmkRkbMU38tVxoD2VyHsQuci_UdFmDIusqdjTqqXABKveg-K1BOAEAYgFt9TjkkygBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOljc_LPDsIODA4AKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2gwRCgsQwI-W0puryuywARICAQOqDQJMVOINEwiVprTDsIODAxUZlv0HHW0jARrYEw2IFAHQFQGYFgHiFgIIAfgWAYAXAQ&sigh=oWPPmGZ81ZE&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&label=vast_creativeview&ad_mt=0&sdkv=h.3.608.2&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjI2NzkwMTY5NDAyDDY4MzQwNTYzODIxNkD2AVImEA8lAAC4QigBOgtHT1prbjdxTDJLTUIJZ29vZ2xlYWRzSIEBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3qs06eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEygJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwi97uEHlIqbZ26yJU7AmmkRkbMU38tVxoD2VyHsQuci_UdFmDIusqdjTqqXABKveg-K1BOAEAYgFt9TjkkygBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOljc_LPDsIODA4AKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2gwRCgsQwI-W0puryuywARICAQOqDQJMVOINEwiVprTDsIODAxUZlv0HHW0jARrYEw2IFAHQFQGYFgHiFgIIAfgWAYAXAQ&sigh=oWPPmGZ81ZE&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&label=part2viewed&ad_mt=0&sdkv=h.3.608.2&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjI2NzkwMTY5NDAyDDY4MzQwNTYzODIxNkD2AVImEA8lAAC4QigBOgtHT1prbjdxTDJLTUIJZ29vZ2xlYWRzSIEBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame 7F5D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=30&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=87&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=OGS51HmRNlsQ7yMv&docid=GOZkn7qL2KM&visitordata=CgtvOXppRlNpSF9Naw%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F5D 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3qs06eZ0Zf70EZms9u8P7caE0AHi4p_TdOyLv9SPErCQHxABIJO6zoABYLkDoAGcr_uoAsgBBeACAKgDAZgEAKoEygJP0DtxwZlHTIsir8KR3hEQ6cJsHEUnuk9d6vAaNgRwrTc9CINJcB2DCs70tPforuk7bX1BgS4Gr8vfLHtsPinqkxYcHfJcvIrgzsxpwZI1-X1f1pd27yVi0_vUU20Wqt5mG90fB7GHcDHKBfyD8eIVd0vpSKdo82JOdWrqZAkVL8J8Ucu4U4i50foroo9oxPj_EaOKjPwthW6kPLU4ocIOkX2ayPxrOYJw4f_iMh-xqo8VQ5ATyJdBrdNB_LTqQJXxer716VSJSvqosQ-X7HcWBNzmBlOo5oOBSCm0jix1K4Q5JetVp-BWbkk-IyPnUIw7OGkXIZb4NDsxjsvdbLjUkwtkvAnLk660ScbLceub5babkD8kWk9lZkkPFjQtwi97uEHlIqbZ26yJU7AmmkRkbMU38tVxoD2VyHsQuci_UdFmDIusqdjTqqXABKveg-K1BOAEAYgFt9TjkkygBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcBqAgB0ggfCIDhgHAQARgdMgLrAjoCgEBIvf3BOljc_LPDsIODA4AKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2gwRCgsQwI-W0puryuywARICAQOqDQJMVOINEwiVprTDsIODAxUZlv0HHW0jARrYEw2IFAHQFQGYFgHiFgIIAfgWAYAXAQ&sigh=oWPPmGZ81ZE&cmd=Ch1jYS12aWRlby1wdWItODc4NzkyMzkzMDQ3ODYxOBAAGAI&label=admute&ad_mt=0&sdkv=h.3.608.2&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MjI2NzkwMTY5NDAyDDY4MzQwNTYzODIxNkD2AVImEA8lAAC4QigBOgtHT1prbjdxTDJLTUIJZ29vZ2xlYWRzSIEBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/i.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqn9u16tvpIqors+THhjUVzbRbHZxJ4EP/wiIJPVcV1Rmz7Er179TS4TdydHAgLow29j+06+ffh8Xkw3peEN0t3OdQERF2JvhTtcsEH7mmAgtXTCO5egIpYYA8qa7l9wrStbOnJzlX3D0+iM2VuLMw9m6EutceD4CQjTrXI+NARArzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Y5E1sdsDj6/9YaLwIZ1kO4MrmYp9I5o+1PfViI91RdN5pTKPLlIyExiQmMA/eGcrheTFP+w1BH9yXSV5LQnQlDwPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ3qbASlJoo3+FgmmPzqqeJg==&cb=82272384&s=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:05 GMT
server
nginx/1.6.2
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame BE6B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
52654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 07:37:31 GMT
expires
Sun, 08 Dec 2024 07:37:31 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame BE6B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 22:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
87186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Dec 2024 22:01:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BE6B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.608.2&bgai=BZBaP6eZ0Zf70EZms9u8P7caE0AEAAAAAOAG6BRMIltSzw7CDgwMV0ZL9Bx0IpQVm&bg=!k5ClkN_NAAY3kmNgF5I7ADQBe5WfOLn4Wj3aN2UEMklNn8DwFo1uRNeSGvadHONQ1o0lBZn4OUG4wKSism4LnvWH_R6XAgAAAG9SAAAABGgBBwoBJS0Lgja3LIIMYNJB4n42gfpwRd_y0Pw3wXNnujE8R-sAWDZDhQhxUvAxBWYmcocpbSOyGDREj6e00NX7lCTe8P4f_leku-4AMoA0DaJ91VPaFd9XNprS3fzsR83HCH-UOJZjiOa1U6qG55QnkJY-4sITjxOubeb1Dw7gaesas9KaemAjbxDjtcbDzaTMoG6nwVg5FDPsEl9IAMv2DYapyOg0_XELRXgY5R05rGdn9CYbmyw7XVsJUgNNjX_tiPxHPFVs_FVcOV3ms6P5SMtYXoYmcmT6gNJU7oivktHWexbaf1QL28m6eyfhKdtCsgZ3URGW4Jx5PpbpxjK4sx3aWUpY1b98cUkIhH_9g-iwu4vtKemd56V6sG0WGu47NSyPqXZYYU_kmQJepAZTDMNEICYbnCX_Ep0q49MKGGKYQ0Yx7mH_0_GoWlobD1FJcRAmLkrm6ZiVoN5S_gxeESmddrYsze4k2qFE5apooEgSrp_E13lRG1PWvY9aKEiiTD-iN07iWr31TjL6IJY4NPRGmFPpnArIyHwyaTutm0AlDbSz0OJUk7OUtSibN4wNIsm0LSzzGzv6v5qnzsoSqNWsX8II0tHpwiwjlNGkq6e-6_EYwCdw2Bi1Bi24j3yHGF1twzRSUVhw0C6pPs74wWW-Z19c_QkFc57ghxDzIrpi3xGI5w1100pqy5al0zh3RQm4iANgd-kM83TawCJAPMOU1qxxYDH1lR-S8NOIK1mJV22RGAxLP4C8zHdj5Ds7houMKdP7nzrxf93YxKPixFdoSbRLJ4yHx8V7Kb5yq2KVFxc10EszuKsnNPVi6vry9EYw4K65Ay9HiV45SYirGbJRHBSiuwk492mAZLioG9ZXpjkXBEAn1VpmZ3_7u3Zk36IwP3-wviULfIxuO3EHKLTduAoOSSas10NNwSSgFGztijw7olYPiUNRYCWw5HxC7j6PKc5Hcj5bo4fu4ti9g5SlL45j_3qrbgaVFOyrseBuuPfYqptPs6IVmHyptuafUcdvYAmqWD-BiZrrFoRzZPErogyPZ6tcvZTjVcGpAoz9spLzKhl_lydhgrzenLi8qbKdcbIyapMu5GKzkF99HTIF3qitNLG-c-fzHsQ7yTgv1UNzvu8EiDDRte-wPIYKbM8O0QfHYnEm4dJWbiGBGWw3xspZWGqt0RWDOI1LmbV6hfYqhgbpK062
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=322&height=181&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1702160107615&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1580&pt=1363392439&tz=60&viewable=true&ddast=V8LBACLAZEOxPVduMkPxOIdiaq7cZJfi4AAABgYED8AMlYLKOFybZYizazxVo0HA3WwtnGsRYOJsPFcDTY7EaOISAZi2W0MNkWa9FmtliLhqPBWjjbONbCwWS4GI4Gm93IMQUf9LD4_WaHW-00uRWW09NjdrmFfrfLLXj4XAbFGmig6XT4XPd63e93V7ntGr_bLrH8hX63yw4AAAAAHvz___9DAAAAAIgAAAAAIAEAAACAQkCFfwsCFwAAAAAw_P___2sAgOKgMB-j3-6yucwmfwAAAAAAAQAAAEACQCA_rwTAQ9j_if__________GAP0mTcy_v___28Y9AB48AHwIAQAAOBjiNsRwmwnSFcckQLCIowAAAAAQP0rHB-ZpBNULKr8___3WwG4AgAQwAhV6i6RRXdQ4i0MAABAwJgFelj8frPDrvG7Xeb_________38z_mX80QlGj12mCrmZm1PwCAgCs-QUEAGAzbgAA3gjAOToGtxquVqPVIZDNbjg7AAAAAHf-____9YDMzOMxTAariW-1mSxMxuHMZJwYV8bFzDdaDTe-7dnkpb63pTcN7fNBD4vfb3a41U6TW2E5PT1ml1vod7vcgofPZVDMz4QtRqvJZLMczpaLyWA4Go5G-zMQk8EATcRguZxMFpPdarQabYa70WywQAIxmCCKFg0mq9FospgMV6PJarZc7HYbRNGq1Wy0GQxXs8lst1sNB8PlaIQmbDFaTSab5XC2XEwGw9FwNBoiGJsYJhbjxLBWOXwjt2iwWa4lptXErXDOBouJw-ZwLVZr0etj-thWto1ttEWCASh7kTwt0onMMFs4jJuRYTYYjma-hcfhMMxWM-NotxjMLDPHRCzRnCzSieyy78w8HsNksJr4VpvJwmQczkzGiXFlXMx8o9Vw49vXJoaJxTgxrFUO38gtGmyWa4lpNXErnLPBYuKwOVyL1Vr0-pg-tpVtYxvtG7vBZDEbLAaDfWM3mCxmg8VgsO8wmZ6pz9lo7J0THp1fMZuGNTanQeEyWLw_iWkx7c4Ovs1F-dQ5jcmizuj3-_1-v9_v9_v9Bq3nYDYofMfe6SjsezvPxTj8OBgUsURwkU5ETofl6fc8PJ-_x-kw-T1vldsilihNF-lEX_S7XYaHz-WviCWC00U6EfrdLov6jxpwMJesVnPFYK5YLlcJAAAAAAAAAMASTDPdBAAAAMDJIJaj5Wa3TgcxGAwXk91yAUAcWev6oQ1daQNVAtmFva6aksqmBV6ssccoyOmwPP2eh-fz9zgdJr_nrXJbGQAEERqzzT4jiLVaLWsAAAAC2AAAAAK46cabgFAo7v___38cAAAAGTn0AAAAxPcBVbXBjV4r9PAjyMFquH8AKsRarVa3G2u1WgELaDMbjSbw____Hw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1008127&dpubid=194937&abtst=adxsub-out_vA!adxsub-out_vB!agqp4c_vB!lotc_vB!splits_full_traffic!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.em.com.br&en=1
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d68b741aed59e2715ac8f8588394481256359c6a951c44074fa7deb04f4e1b4

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1475
x-cache
MISS
x-served-by
cache-fra-eddf8230041-FRA
pragma
no-cache
server
nginx
x-timer
S1702160108.617937,VS0,VE317
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
http://www.em.com.br
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
data
a-fds.youborafds01.com/ 		109 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a-fds.youborafds01.com/data?outputformat=json&system=onefootball&pluginVersion=6.8.35-adapterless-js&requestNumber=0.6517322702941621&timemark=1702160107747
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:1af8:5000:b001::54 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
674e8b0f0de896ef982229fe9e4e88046008cee3ffc985875fb0d236c2c11c5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
last-modified
Sat, 09 Dec 2023 22:15:07 GMT
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
109
expires
Sat, 26 Jul 1997 05:00:00 GMT
4khhJ5BX
cdn.jwplayer.com/v2/playlists/ 		56 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/4khhJ5BX
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
81b430c9d4cef647d06c6870eadfe8114e77b947f31dc8593228c28d5fa91e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:13:22 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
age
105
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
6532
x-amz-cf-id
jxNLQTgBw3gWow9JpEiKDgrG-V_oczVmvlfnhDyIh8240Scilr_RJA==
expires
Sat, 09 Dec 2023 22:16:22
googima.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		74 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/googima.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
age
79254
x-cache
HIT
content-length
22454
x-served-by
cache-fra-etou8220022-FRA
last-modified
Mon, 13 Nov 2023 20:12:26 GMT
server
AmazonS3
x-timer
S1702160108.838283,VS0,VE0
etag
"016fdad688d9003e0b0c4157e803cf37"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
5860
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwpsrv.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c45c8d7d2e9d3669de7a6c0fd986213fe7286afbf144c717cb0445faa515ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
age
52
x-cache
HIT
content-length
19644
x-served-by
cache-fra-etou8220022-FRA
last-modified
Mon, 13 Nov 2023 20:12:27 GMT
server
AmazonS3
x-timer
S1702160108.838040,VS0,VE0
etag
"6f0ff3b48f406194043122212d1f49a8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
27
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		318 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/jwplayer.core.controls.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
age
2115821
x-cache
HIT
content-length
85284
x-served-by
cache-fra-etou8220022-FRA
last-modified
Mon, 13 Nov 2023 20:12:20 GMT
server
AmazonS3
x-timer
S1702160108.838289,VS0,VE0
etag
"95e4ba794923b67ae5be72627198a8b3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
319053
pt.json
ssl.p.jwpcdn.com/player/v/8.30.1/translations/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/translations/pt.json
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
age
1997644
x-cache
HIT
content-length
1449
x-served-by
cache-fra-etou8220033-FRA
last-modified
Mon, 13 Nov 2023 20:12:33 GMT
server
AmazonS3
x-timer
S1702160108.838249,VS0,VE0
etag
"d38ea3780a421961071427e9dd1f73a3"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
2
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		413 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/provider.hlsjs.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
age
2297773
x-cache
HIT
content-length
126154
x-served-by
cache-fra-etou8220022-FRA
last-modified
Fri, 10 Nov 2023 21:07:29 GMT
server
AmazonS3
x-timer
S1702160108.838277,VS0,VE0
etag
"c735ce7c150fe5e0fdf3e61f12fd8527"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
298730
pressbox.png
dugout.com/images/publishers/logos/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dugout.com/images/publishers/logos/pressbox.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-40.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dceb94d1f8ed6e37fb34636d5d965c86f11d7fcc8965eb4655420993e6523efc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
qxXNyot.FJUgjrgdpjHB0.gO9cP3yhLF
date
Sat, 09 Dec 2023 21:57:16 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
last-modified
Wed, 17 Nov 2021 11:44:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
1101
etag
"441a0fe047cb6aed6d0a8d01e2e32c6d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
6537
x-amz-cf-id
8GXxpPb8l_1X1Sfbfv6zgqm9-7g_QReP2J8xlmg9PB4cDam667f77g==
R6zixFK+Eei17gpVuA4vVw.json
entitlements.jwplayer.com/ 		69 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/R6zixFK+Eei17gpVuA4vVw.json
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/6767) /
Resource Hash
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
last-modified
Sat, 09 Dec 2023 19:30:04 GMT
server
ECAcc (frb/6767)
age
9903
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=13980
accept-ranges
bytes
content-length
80
92tfutNX-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/92tfutNX-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/92tfutNX-120.vtt
1 KB
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/92tfutNX-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1954ef253b2caf9e745776c489159a5aed757facdd89eff63a403faf0a92900

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
47
x-amz-server-side-encryption
AES256
x-cache
MISS, HIT
content-length
227
x-served-by
cache-iad-kcgs7200163-IAD, cache-fra-etou8220033-FRA
last-modified
Sat, 09 Dec 2023 18:21:52 GMT
server
nginx
x-timer
S1702160108.100118,VS0,VE90
etag
"d1f5f650c5adbbf4f975590de2013c9d"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
0, 1

Redirect headers

date
Sat, 09 Dec 2023 22:15:07 GMT
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/92tfutNX-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
dhTCBSQTjs9UG1xbEQZqa3LzmWXpbqvjKCXsnQk6p1tvvLsDDj7vXg==
OneFootball.png
embed.dugout.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.dugout.com/images/OneFootball.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2400:8:ced9:d0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e226001a4667de86a4bc798fd504bac9625facc2b0856982b257b39992f77aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
date
Sat, 09 Dec 2023 22:15:07 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified
Mon, 02 Aug 2021 10:43:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
26
etag
"719d529f5cf512aaf0bb0969f4692112"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
content-length
7024
x-amz-cf-id
8dPZCsTl9tvUD6KMbgJaDuSi9blAv_i0zlrvkpzAOddwDLODWkHzBQ==
related.js
ssl.p.jwpcdn.com/player/v/8.30.1/ 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.1/related.js
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:07 GMT
content-encoding
gzip
via
1.1 varnish
age
2159343
x-cache
HIT
content-length
25137
x-served-by
cache-fra-etou8220022-FRA
last-modified
Mon, 13 Nov 2023 20:12:25 GMT
server
AmazonS3
x-timer
S1702160108.957074,VS0,VE0
etag
"e6b820b0a7ae68bd30c9a97e44e1ea55"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
279478
92tfutNX.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/92tfutNX.m3u8
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
d4f5eb1f1274137257143c6a333fcb2dd2d28f52f46e0b80bfca730b2986b8d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
content-encoding
gzip
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
414
x-amz-cf-id
WyNnkpZ1R0twKXdDiIoN4dqAT98ay3PCNEgtsxJAEiFiAktvV_-a4A==
bridge3.608.2_pt.html
imasdk.googleapis.com/js/core/ Frame 465A 		751 KB
240 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.608.2_pt.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32d8252aa82248f9179d1b23675ff59c006f724a58bd5574a15307718032f127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.em.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18642
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246063
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 17:04:25 GMT
expires
Sun, 08 Dec 2024 17:04:25 GMT
last-modified
Thu, 07 Dec 2023 18:27:35 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4356 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 21:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1163
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 09 Dec 2023 22:55:44 GMT
yairu8kg-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/92tfutNX/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-720.jpg
70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-720.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3cc3c3419ff7c7f9ae3e59fa1a03d0bfe1638b5bab38785ccc4c95ba4bcdec7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
191
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
71577
x-served-by
cache-iad-kcgs7200108-IAD, cache-fra-etou8220022-FRA
last-modified
Sat, 09 Dec 2023 18:21:59 GMT
server
nginx
x-timer
S1702160108.111108,VS0,VE98
etag
"c8fd5347cd739eeb55ce369bf5b3b8c5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
8, 1

Redirect headers

date
Sat, 09 Dec 2023 22:15:08 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
uPZk_XtFMuOLPTzSWLYIAio2vfi3lTfdVr1u8vD5ovnWYt0_4KFRpg==
yairu8kg-480.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/92tfutNX/poster.jpg?width=480
  • https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-480.jpg
39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-480.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0975cf6a05fc879df51521d4afdf90c252e68e7698b1ac373cb7833bb806e957

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
39821
x-served-by
cache-iad-kcgs7200027-IAD, cache-fra-etou8220022-FRA
last-modified
Sat, 09 Dec 2023 18:21:59 GMT
server
nginx
x-timer
S1702160108.113470,VS0,VE100
etag
"1949c7e75851b35e99ab72b03dfe2f5e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
6, 1

Redirect headers

date
Sat, 09 Dec 2023 22:15:08 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/yairu8kg-480.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ZqdJ8vNBLzhvw6e8_9dL75k-tJVgTjlec8pQDSbsApicu3fU_E-s9Q==
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1807080614&e=e&n=6178109212403058&abc=0&aid=R6zixFK%2BEei17gpVuA4vVw&amp=0&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=jxa5hlxiif33&i=0&id=92tfutNX&lid=pu1c9ak9evbl&lsa=set&mt=1&pbd=1&pbr=1&pgi=j6lbxz1o858z&ph=1&pid=dZJvGkNo&pii=0&pl=181&plc=8&pli=1a7end8w1z6r&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online%20-&pu=http%3A%2F%2Fwww.em.com.br%2F&pv=8.30.1&pyc=0&s=0&sdk=0&stc=1&stpe=1&t=Klopp%20expressa%20insatisfa%C3%A7%C3%A3o%20com%20desempenho%20e%20diz%20que%20os%20Reds%20tiveram%20sorte%20contra%20o%20Palace&tv=3.43.1&vb=0&vi=0&vl=0&wd=322&ab=1&cae=0&cb=0&cdid=player-1&cme=0&dd=1&fed=4khhJ5BX&flc=1&fv=&ga=0&lng=pt-BR&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2F92tfutNX.m3u8&pbc=1&pd=2&pdr=&plng=pt-BR&plt=4200&pni=1&po=0&pogt=Jornal%20Estado%20de%20Minas%20%7C%20Not%C3%ADcias%20Online&sn=%7B%22controlbar%22%3A%7B%22background%22%3A%22rgba(0%2C0%2C0%2C0)%22%2C%22icons%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22iconsActive%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23FFFFFF%22%7D%2C%22menus%22%3A%7B%22background%22%3A%22%23333333%22%2C%22text%22%3A%22rgba(255%2C255%2C255%2C0.8)%22%2C%22textActive%22%3A%22%23FFFFFF%22%7D%2C%22timeslider%22%3A%7B%22progress%22%3A%22%23F2F2F2%22%2C%22rail%22%3A%22rgba(255%2C255%2C255%2C0.3)%22%7D%2C%22tooltips%22%3A%7B%22background%22%3A%22%23FFFFFF%22%2C%22text%22%3A%22%23000000%22%7D%7D&sp=0&st=160&sa=1702160107958
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:e800:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
UsjTP30eJfWVZqx1UN9rcO-6BT3KkrEXgahpreXPQY1Zp2kHg_zyQQ==
x-cache
Miss from cloudfront
ev
s.seedtag.com/e/ 		0
14 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.em.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
http://www.em.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
manifest-audio_eng=112022-video_eng=187593.m3u8
videos-cloudfront-usp.jwpsrv.com/65758fac_b23fa76cecbdefcbd28427eb54838920442db0de/site/pLhE9KGt/media/92tfutNX/version/dfUAfIXv/manifest.ism/ 		876 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/65758fac_b23fa76cecbdefcbd28427eb54838920442db0de/site/pLhE9KGt/media/92tfutNX/version/dfUAfIXv/manifest.ism/manifest-audio_eng=112022-video_eng=187593.m3u8
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d600:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
9b2bfc1e730ab42676184488b79dbc30e1da9b1ee59de59d3344323aa5bac87e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:49 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
13879
x-cache
Hit from cloudfront
content-length
876
server
Apache
etag
"usp-01BD8F28"
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
116hIjhnj2kWc_LCpesl1pjhGuaUwfqBrviIiXq_hxZ1Lq2VsJ2SkA==
pixel.gif
p.trvdp.com/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.trvdp.com/pixel.gif?e=EUuOSLbwbwigi2P/dqaennxkVh9pWIOgJvYDtD1Pyqmox+X6hm2OnoozdzLhGOLBZpE9SJhz3JCHU7bPUZOQ3OYEnFowQ3N27pSRmnB3eS4cqFYBJjuksKcMaGKOWQHUm155G49xKd436imYS37/IOJv9h1IFo4EgvgbK43PfUEl2sV8q1MCp86OINGB8C6JgvsQ2Vp1nllknM7j/Vwgh7z4q7VrBv03tifYNlB7sQ82FuJ3YqKPmko1f08xwiAb5M5KKSI5ppa0ufV+roUkGgWkv9dLqfckNS24XYsUW3/bCssTHAQMFf9VT/pvZlQ+1cAseAzVY0N2nSRaRaVYvMUQ1ZNFclDVuHLZ13dMOawt0YNcD6isGP4zcSyHXCIBbmxG6mx4vuUNB6IosCCauw==&cb=95959543
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.58.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-58-110.compute-1.amazonaws.com
Software
nginx/1.6.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
server
nginx/1.6.2
manifest-audio_eng=112022-video_eng=187593-1.ts
videos-cloudfront-usp.jwpsrv.com/65758fac_b23fa76cecbdefcbd28427eb54838920442db0de/site/pLhE9KGt/media/92tfutNX/version/dfUAfIXv/manifest.ism/ 		247 KB
248 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/65758fac_b23fa76cecbdefcbd28427eb54838920442db0de/site/pLhE9KGt/media/92tfutNX/version/dfUAfIXv/manifest.ism/manifest-audio_eng=112022-video_eng=187593-1.ts
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d600:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
1d2da280861f17f6bd0c9ec30de6845d63c482039f0265ba0c25ab9fe3852999

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:23:49 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
FRA56-C1
age
13879
x-cache
Hit from cloudfront
content-length
253048
server
Apache
etag
"usp-933EF84A"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112022-video_eng=187593-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
in47v7cnwUimPp2a5HUpCRev2dGOukfeGEDKbgcu-OTE_Z8OxRu3gA==
34440ef7-bdd7-4df5-8673-c32be73bd14d
http://www.em.com.br/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:http://www.em.com.br/34440ef7-bdd7-4df5-8673-c32be73bd14d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
374591
Content-Type
text/javascript
manifest-audio_eng=112022-video_eng=362258.m3u8
videos-cloudfront-usp.jwpsrv.com/65758fac_b23fa76cecbdefcbd28427eb54838920442db0de/site/pLhE9KGt/media/92tfutNX/version/dfUAfIXv/manifest.ism/ 		876 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/65758fac_b23fa76cecbdefcbd28427eb54838920442db0de/site/pLhE9KGt/media/92tfutNX/version/dfUAfIXv/manifest.ism/manifest-audio_eng=112022-video_eng=362258.m3u8
Requested by
Host: embed.dugout.com
URL: https://embed.dugout.com/v3.1/estado-de-minas.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:d600:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
960fddc46f777552b4927f37eb092a9d70382a3e28294ae31854a15d6709c0d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:24:04 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
13864
x-cache
Hit from cloudfront
content-length
876
server
Apache
etag
"usp-5B5B37F7"
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
ziH_akZ9i6xaWIgj46V-DQsIpiqDaZpDe70ixPk98Shfg7WUw1wehg==
h4nownp9-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/azknuln8/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/h4nownp9-120.jpg
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/h4nownp9-120.jpg
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dcc6bdfbf23d9bf24eec3ce9ff555ec79fedee0f24541d6a680db305a018d290

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.em.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 22:15:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
460
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
7731
x-served-by
cache-iad-kiad7000162-IAD, cache-fra-etou8220022-FRA
last-modified
Fri, 08 Dec 2023 19:46:53 GMT
server
nginx
x-timer
S1702160109.718106,VS0,VE1
etag
"9268b4efe9b1ea3913aae6c2c9a9a638"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
475, 1

Redirect headers

date
Sat, 09 Dec 2023 22:15:08 GMT
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/h4nownp9-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
9NlYsfz1ZCtvrmTARHZona8fWQzYEXdvVzqa_OosYRIv2ogE4G7NlA==
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloZhL,pingTime:5,time:6192,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:43%7D,%7Bpiv:100,vs:i,r:,t:1192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5000,o:1192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1184~0,0~100%5D,as:%5B1184~728.90%5D%7D%7D,%7Bsl:i,t:1192,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:94,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:45,sis:409%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:09 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame AB47 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=2ce66e29-5b31-1dc3-696c-e4c7bb5ba3ee&tv=%7Bc:wloZhM,pingTime:5,time:6193,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:43%7D,%7Bpiv:100,vs:i,r:,t:1192%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1192,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:43,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1184~0,0~100%5D,as:%5B1184~728.90%5D%7D%7D,%7Bsl:i,t:1192,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:94,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g*.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1h%7C1i.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m,idMap:1g*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:45,sis:409%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:ab5d:871:cd4c:9577 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Dec 2023 22:15:09 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FA80 		0
0
dt
dt.adsafeprotected.com/ Frame FA80 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
scoring.deep.bi
URL
https://scoring.deep.bi/score/4Dme4NTJxoPw/undefined?id=deepcookie&column=profile
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloZl3,pingTime:5,time:6175,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:728,h:90,t:98%7D,%7Bpiv:100,vs:i,r:,t:1174%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:1174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B90~0.0,1077~728.90%5D%7D%7D,%7Bsl:i,t:1174,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:93,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:33,sis:237%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=c2b88e9b-3ed0-8d95-5b42-17c4a3bc239a&tv=%7Bc:wloZl4,pingTime:5,time:6176,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:32%7D,%7Br:r,w:728,h:90,t:98%7D,%7Bpiv:100,vs:i,r:,t:1174%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:1174,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1167~0,0~100%5D,as:%5B90~0.0,1077~728.90%5D%7D%7D,%7Bsl:i,t:1174,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:93,fm:tXZ0k8N+11%7C12%7C13%7C14%7C1511%7C1512%7C161%7C162%7C163%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f1%7C1g.1627455-73523880%7C1g1%7C1g2%7C1g3%7C1g4%7C1g5%7C1h%7C1i*.1627455-73523880%7C1i1%7C1i2%7C1j%7C1k%7C1l%7C1m1%7C1m2,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:33,sis:237%7D&br=c

Verdicts & Comments Add Verdict or Comment

484 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| googletag string| diretoriodfp object| slotdfp object| slotdfpbtf object| slotdfpofp number| indexformats object| viewable undefined| staticSlot string| o object| a object| b function| Navegg object| naveggReady object| nvg89454 object| apstag number| PREBID_TIMEOUT object| pbjs function| refreshSlot function| executeParallelAuctionAlongsidePrebid function| $ function| jQuery boolean| emVia5news object| _taboola object| attr object| dataLayer boolean| emVia5newsCapa object| btnClsAncor object| ancorado string| product_id function| fbAsyncInit object| pbjsChunk object| _pbjsGlobals object| mnet object| ggeac object| google_js_reporting_queue object| FB object| AppleID object| _aps boolean| apstagLOADED object| apscustom object| taboolastyle object| place undefined| google_measure_js_timing function| getDAAUUID object| loggeduser string| resp object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal object| _ilabsPushConfig object| IlabsPush object| __buffer function| _typeof object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| default_gsi object| _F_toggles object| google object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| google_tag_manager object| google_tag_data function| nvgGetSegment function| ltgc object| iframe object| _ttprofiles object| banner object| btn object| bannerCookie string| cookie object| cookieList function| getFunctionFromString object| __springserveSyncScript string| dugout_country_code string| dugout_url_sig number| dugout_url_exp function| clearImmediate function| setImmediate object| regeneratorRuntime number| of_alpha string| dugout_imp function| Dugout function| dugout_float function| dugout_stop_floating function| dugout_start_floating function| parcelRequireda84 object| webpackChunkjwplayer function| jwplayer function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __zone_symbol__unloadfalse object| dugout number| dugout_init_count function| dugout_init string| app_bundle string| app_name string| app_url string| app_ifa string| app_gdpr object| __zone_symbol__loadfalse boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd object| _tb_vpx object| _pm_sud function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| taboolamsec object| taboolaitem boolean| shouldRender function| hardnewstesteab object| _newsroom object| __zone_symbol__scrollfalse function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id function| __zone_symbol__ON_PROPERTYload boolean| plHookRanOnce function| removeBlurFromControl object| __zone_symbol__beforeunloadfalse object| __zone_symbol__pagehidefalse object| TRCImpl number| taboola_view_id object| __zone_symbol__hashchangefalse object| __zone_symbol__popstatefalse function| onYouTubeIframeAPIReady object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse function| addLoadButton function| removeLoadButton boolean| signin_force_logoff object| daAccountsClient object| _id_settimeout_setdaa boolean| _find_update_user function| removeBlocks function| showOffers function| showLoginWall function| hideModalLogin function| showModalLogin function| click_login function| click_login_signup function| showOnboard function| showCancelGoogle function| showCancelCallcenter function| resetRecaptcha function| recaptchaCallback function| func_show_login object| OneSignal function| resizeArticle function| CrossDomainLocalStorage function| random function| load_page_noticias function| RelatedPages object| cross_local_store function| ajax_noticias_recomendadas function| loadRecomendadas object| relatedPages object| lazytag object| __zone_symbol__resizefalse number| tnsId object| TTTagManager function| TTTagManagerError object| _ttq object| da_swg_sku_default_draw string| da_swg_sku_default number| STATUS_NEWS_ABERTA number| STATUS_NEWS_PAYWALL number| STATUS_NEWS_LOGINWALL number| STATUS_NEWS_ABERTAPREMIUM object| swg_debug_levels object| DA_OFFERS function| mather_push function| formataMoeda object| da_swg function| da_log function| edtTextGoogle function| renderButton function| signin2onFailure function| signin2onSuccess function| callbackGoogle function| checkLoginState function| ga object| stroeerCore number| retryHandle function| TBOptimizationTouchAndClickEventTracker object| _pmk function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Lf object| _pm_mcg object| image object| __zone_symbol__mousedownfalse object| __zone_symbol__messagefalse number| x string| nam object| placementData object| __G_ID_CLIENT__ object| closure_lm_633738 string| n object| cmds object| _ttconversion object| ttcNamespace number| newsroomStartsLoadingTime object| tbNewsroom object| __zone_symbol__errorfalse string| version function| TTProfilesBase function| ttProfilesBaseE object| _ttsHolder function| da_tracking string| event_from object| preloadImages string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace object| cmTag object| da_newsletter_register object| target function| md5 function| gtag function| TTBase function| ttBaseE object| _ttqHolder object| _seedtagq object| webpackJsonp1701962644752 boolean| _st_loaded object| __zone_symbol__orientationchangefalse object| _cm_wfCounters string| lastWfUrl string| GoogleAnalyticsObject function| requestAnimationFrame1 function| cancelAnimationFrame1 boolean| _seedtagLoaded object| _seedtag object| gaplugins object| gaData object| brWidgetInit object| truvid_protected function| playerLog object| trv_players function| Zepto object| Backbone function| startCMTagMain object| __zone_symbol__mousemovefalse object| __zone_symbol__focustrue object| __zone_symbol__blurtrue string| category function| OvaMediaPlayer object| _google_rum_ns_ object| __zone_symbol__visibilitychangefalse object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| __zone_symbol__testfalse object| __zone_symbol__ON_PROPERTYtest number| google_srt object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_665655 object| closure_lm_722463 object| tbopt object| GoogleGcLKhOms object| google_image_requests object| __zone_symbol__clickfalse object| __zone_symbol__keydownfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

67 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARDYFg
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 13c6f9e68589769704737b592d10|1|369
.em.com.br/ Name: _ga_KFBFMPM6S4
Value: GS1.1.1702160100.1.0.1702160100.60.0.0
.em.com.br/ Name: nvg89454
Value: 13c6f9e685457076a4c6d3f94b10|0_344
.doubleclick.net/ Name: IDE
Value: AHWqTUn7gSfoLKSZ8ELhZyL_LCEW12AwIgHX4FY0HZkijGLFihtHBzFeDv8nLeX2Zm4
.yahoo.com/ Name: A3
Value: d=AQABBOXmdGUCEKnvvtCfA9SCSuromZ_iUMIFEgEBAQE4dmV-ZeATyiMA_eMAAA&S=AQAAAnIPbgVqTi1iViY2V0EDD0o
.em.com.br/ Name: __gads
Value: ID=ed30445369e3ec21:T=1702160100:RT=1702160100:S=ALNI_Mbw0S7wXrmPKQ8H_jUk8WaePsLUsA
.em.com.br/ Name: __gpi
Value: UID=00000d111056c9e0:T=1702160100:RT=1702160100:S=ALNI_MYQfEYFwI4yYVGotX5GPHNPisM_Qw
.advertising.com/ Name: A3
Value: d=AQABBOXmdGUCEO4Aya5i8_WoakfZfz9d43sFEgEBAQE4dmV-ZeATyiMA_eMAAA&S=AQAAApMvdJ491fDMjWAtTJH870w
www.em.com.br/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D6b0bb8b0-ea7d-4039-b45b-a9601bafa515-tuctc6e6c64
.casalemedia.com/ Name: CMID
Value: ZXTm5Ym9aQ6m3Zi9HbN76QAA
.casalemedia.com/ Name: CMPS
Value: 5239
.casalemedia.com/ Name: CMPRO
Value: 5239
.adnxs.com/ Name: icu
Value: ChgIrfg-EAoYASABKAEw5c3TqwY4AUABSAEQ5c3TqwYYAA..
.adnxs.com/ Name: uuid2
Value: 987710221978068098
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: fd1bb835c764068a
.rubiconproject.com/ Name: khaos
Value: LPYM6BXC-6-BJX0
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqeBCNeCY00oeQFbWGgM44fR/rFJVNr6iKvjlL31WaJoW8/LujiXGHFl0Sl18udHEbYKUE+IBgSZVllHfr3pVJrILGK3BUa9s0ijy0RC4Zd8RuybVyVU0yt
.sxp.smartclip.net/ Name: uuid
Value: cfd77c3a-e5e6-7465-3057-562bcf0eb800
.sxp.smartclip.net/ Name: psyn
Value:
.go.sonobi.com/ Name: HAPLB8G
Value: s86165|ZXTm6
.tremorhub.com/ Name: tvid
Value: ae15e3505f334821999676bab5ab0668
.ads.stickyadstv.com/ Name: UID
Value: 32d5e41d9416ce265cc4c5fae2cdaf
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZXTm5Ym9aQ6m3Zi9HbN76QAAFHcAAAAB
.ads.stickyadstv.com/ Name: uid-bp-41478
Value: 1
.simpli.fi/ Name: suid
Value: 7CFDEED5602A4557A0D3F00E0B88E030
www.em.com.br/ Name: tt_c_vmt
Value: 1702160102
www.em.com.br/ Name: tt_c_c
Value: direct
www.em.com.br/ Name: tt_c_s
Value: direct
www.em.com.br/ Name: tt_c_m
Value: direct
.tremorhub.com/ Name: tvssa
Value: 1702160101718
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXTm5QAFvFUS0wBd
.t.tailtarget.com/ Name: _ssc
Value: y
www.em.com.br/ Name: _ttuu.s
Value: 1702160101902
.liadm.com/ Name: lidid
Value: bb42f87b-7dca-413a-badb-998f32eb1b1a
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.em.com.br/ Name: _ttqprofiles
Value: {"age":"","equipment":"","customaudience":[],"gender":"","microsegments":[],"profiles":["na"],"socialclass":"","subjects":[],"team":""}
www.em.com.br/ Name: tt.u
Value: 0100007FE5E6746575062F080204AD1A
.em.com.br/ Name: _ga
Value: GA1.3.1616538923.1702160100
.em.com.br/ Name: _gid
Value: GA1.3.485656300.1702160102
.t.tailtarget.com/ Name: ttbprf
Value: ___de_1702160102271_1358891719
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>6uDDR6!]tbPl1M>e)ZlrFUfJ+tGXxoaB.3-@LYw`J>Z-qZ@i<Q_a$$VxZsk]JU[PPg3If)y3KL9D3I?+7BWa`j
.doubleclick.net/ Name: APC
Value: AfxxVi7psw94ME0EEzpto0EeYKSDAJ6-BIIzS5AfWhdziGSL7u495g
www.em.com.br/ Name: tt.nprf
Value:
.tt-10258-0.seg.t.tailtarget.com/ Name: trk
Value: beCbmBQVhJLTvoCp8JX1CA==
.t.tailtarget.com/ Name: u
Value: fwAAAWV05uVh2ga0HA8HAgB=
.tt-10258-0.seg.t.tailtarget.com/ Name: ttca
Value: _1702160102
.ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
.fwmrm.net/ Name: _uid
Value: uml1667_7311293824205594893
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml1667_7311293824205594893
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml1667_7311293824205594893
.quantserve.com/ Name: d
Value: EH0BCQHPKoEA
.quantserve.com/ Name: mc
Value: 6574e6e6-e3d65-a5d9c-e680b
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-JyG2HA5E2oNUUjXt4Vh34w9YiFvLVsPuHTnZRTvp~A
.t.tailtarget.com/ Name: n
Value: 1702160103
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22B82AFC25-496A-4821-1298-EF55631EB796%22%7D
.ctnsnet.com/ Name: cid_2ad6450624624697b6d97de4208abe1f
Value: 1
.ctnsnet.com/ Name: gid_CAESEEla2LZP4J0S1L5XacF8qMo
Value: 1
.turn.com/ Name: uid
Value: 2609020432964231715
.tribalfusion.com/ Name: ANON_ID
Value: a3ntuJM0ing9PBmSTEpS677vf3Zaq3lcDOONiPZcMdnI2cBy1eccSW4vgEa6OxDy3DkeyAfD4bCkUWrapEdJoLTSdM
.criteo.com/ Name: uid
Value: 932e5778-8bba-459a-a5a6-8d2d60784c5c
.w55c.net/ Name: wfivefivec
Value: 01BW59M51Rc5Be5
.w55c.net/ Name: matchmedianet
Value: 5

13 Console Messages

Source Level URL
Text
network error URL: https://cdn.taboola.com/webpush/publishers/1066966/taboola-push-sdk.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: http://www.em.com.br/(Line 4348)
Message:
Access to XMLHttpRequest at 'https://scoring.deep.bi/score/4Dme4NTJxoPw/undefined?id=deepcookie&column=profile' from origin 'http://www.em.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://scoring.deep.bi/score/4Dme4NTJxoPw/undefined?id=deepcookie&column=profile
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=&r=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BPDID%5D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=outline&text=%24%20%7Bbutton.text%7D&size=large&logo_alignment=left&width=240&client_id=133477885879-ml89jg8mocekhmnraefpi3cgednablut.apps.googleusercontent.com&iframe_id=gsi_101456_409856&as=ZP%2FVEXg43xlDC9UmDDPeMg
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-dub.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
rendering warning URL: https://embed.dugout.com/v3.1/estado-de-minas.js(Line 64)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
6a920ac82db4321cfb4782e25c05640a.safeframe.googlesyndication.com
a-fds.youborafds01.com
a.teads.tv
a.tribalfusion.com
aax.amazon-adsystem.com
accounts.google.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.yieldmo.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
appleid.cdn-apple.com
assets-jpcust.jwpsrv.com
b.t.tailtarget.com
barra.uai.com.br
bh.contextweb.com
c.amazon-adsystem.com
c2.taboola.com
cdn.jwplayer.com
cdn.navdmp.com
cdn.pn.vg
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
cnt.trvdp.com
code.jquery.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
cs.emxdgt.com
cs.media.net
csi.gstatic.com
csp.withgoogle.com
css.em.com.br
d.tailtarget.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dugout.com
eb2.3lift.com
embed.dugout.com
entitlements.jwplayer.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
go.trvdp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hp.taboola.com
i.liadm.com
ib.adnxs.com
ih.adscale.de
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imgs.em.com.br
imgs2.uai.com.br
imprammp.taboola.com
js.adscale.de
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.adsrvr.org
match.sharethrough.com
midias.em.com.br
nr-events.taboola.com
onetag-sys.com
p.trvdp.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pips.taboola.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prd.jwpltx.com
prebid-us.creativecdn.com
prebid.media.net
pubads.g.doubleclick.net
r.turn.com
region1.analytics.google.com
rr3---sn-4g5lznls.googlevideo.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
s.trvdp.com
s0.2mdn.net
scoring.deep.bi
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssl.gstatic.com
ssl.p.jwpcdn.com
ssum.casalemedia.com
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.1rx.io
sync.admanmedia.com
sync.bfmio.com
sync.go.sonobi.com
sync.richaudience.com
sync.springserve.com
sync.sxp.smartclip.net
sync.taboola.com
sync.teads.tv
sync2.navdmp.com
t.em.com.br
t.seedtag.com
t.tailtarget.com
tag.navdmp.com
tags.t.tailtarget.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
tt-10258-0.seg.t.tailtarget.com
tv.springserve.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.navdmp.com
vid-io-dub.springserve.com
videos-cloudfront-usp.jwpsrv.com
videos.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.em.com.br
www.facebook.com
www.flipar.com.br
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
dt.adsafeprotected.com
scoring.deep.bi
104.18.111.252
104.18.36.155
108.138.1.25
13.248.245.213
13.32.27.40
13.32.27.70
13.32.99.40
13.32.99.59
141.226.228.48
142.250.185.98
143.204.215.89
143.204.98.72
151.101.1.44
151.101.130.49
151.101.65.44
152.199.22.243
162.55.236.225
178.250.1.9
179.191.182.65
18.134.84.25
18.245.222.29
18.66.27.14
185.184.10.30
185.64.190.79
185.86.139.102
185.89.211.84
198.47.127.19
2001:1af8:5000:b001::54
2001:4860:4802:34::36
208.93.169.131
216.58.206.34
23.206.19.66
23.212.211.47
23.213.168.238
23.52.120.246
23.52.120.27
23.52.122.195
23.52.123.144
2600:1f18:1aca:4280:ab5d:871:cd4c:9577
2600:1f18:612b:4280:6998:c3aa:1a9e:b5be
2600:9000:206f:d600:2:cecb:23c0:93a1
2600:9000:214f:2400:8:ced9:d0c0:93a1
2600:9000:2190:3e00:f:4f64:8940:93a1
2600:9000:223e:e800:1b:6b7c:c940:93a1
2600:9000:223f:8c00:8:48e:53c0:93a1
2600:9000:225e:6400:1:a3fa:7cc0:93a1
2602:803:c003:200::61
2606:4700:20::681a:d80
2606:4700:20::ac43:4637
2606:4700::6810:bf3
2606:4700::6811:190e
2606:4700::6812:18ad
2607:ae80:4::25
2620:116:800d:21:c5a4:625:6563:a5bb
2804:564::1182
2a00:1450:4001:26::8
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2011
2a00:1450:4001:811::2003
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2006
2a00:1450:400c:c00::54
2a00:1450:400c:c0a::5e
2a00:1450:400c:c0b::9c
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::649
2a04:4e42::626
2a05:d018:d29:3601:11b1:8ae0:b180:1e1
3.127.62.64
3.66.82.152
3.68.140.79
3.75.62.37
34.102.185.99
34.120.63.153
34.149.50.64
34.197.7.44
34.243.143.69
34.91.62.186
34.98.64.218
35.158.30.42
35.186.193.173
35.186.194.101
35.190.0.66
35.201.123.184
35.227.252.103
46.228.164.11
46.228.174.117
51.89.9.251
52.16.39.70
52.211.132.222
52.223.40.198
52.46.130.91
52.51.87.200
52.54.58.110
52.57.12.239
52.70.125.191
54.247.4.160
65.9.66.43
69.166.1.66
69.173.144.139
8.2.110.17
99.86.4.30
01866a6f12c6e523443381bbdf5081cde46c20e7108827388b0a10c9c23b25fd
01ba44a168b74a3018d7347678897dece52b933e9625bc6421badc8cbfaa075e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03089497f2493071b7d29a09a82e118f75f33abb560c00b42253a17b3d52cb9c
03ff69f9784b7bbbd136ef5c44b95032aefb5bc976d01896876a020219a72be6
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
05a4a88f417264926d8c52323a80416fed1bd8162185a490021b10a5318b4971
065547f6dec7e9fb8db83c9d9bdacdd0376f147bfdfdabbc3dffa8246a1a4b96
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08a5d25b26184651be9a44bc444434e943ac1d9acd67e17bc9e6f0ef31d1f33a
08b06650757c02226215d9b21c075c230babd6b3f1c8dc92b21e4a1e8e3de10c
0975cf6a05fc879df51521d4afdf90c252e68e7698b1ac373cb7833bb806e957
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c40cb69307b8caa0699456190ccf595475b5ddfeb1ad5a6dbb07b4fc72777a5
0c95a8c5004cfe5e0e400118ad0601c509d6d94fdb877a4af345603ac5c47be4
0e2efe30867f1ed4758d866cf4c2b45204625b02f633183c2fdb9cf422015b9e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efafeb08fc479cd522b151daca0beed2ff391c3fe0fca76347ff6ce44392a44
0fc2dd0c486b1d6340f3f05fd679c26037ed5b2f92ff939de331b2c0626fdd5a
0fd36f5c10636c33e7f21f3adc2976914e5654394ca43c7b391ddf956601ddfe
100ecf2f5c1cf553603429177cd9f39cdbab9dceeb9cb076ee40f349f99f45d8
10185b10013820e508ccca945aa7ce08e45865e0eeac8e3c4a2b78b99ec311a9
12e5c96d95cc1c88a0c18625024b221fa7f7ad7e4069740f3217b87a79a44b31
14f369fa6a0f601c4630028be30319486272d3426e17ba7ff54ebc487769706b
1548aabd8c69698cd8f0247200a23f032283ebe6598bbc1cf166738ca8fcf332
156d88eeee25bdd897f676d8bfd61d10a0c847625eb80c72b1adfac9c4622e2b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16b1da52f88c204a656c316f84a12b12b02813a645e93355777062f25353f977
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18bfbc6bfd7f9d48e49df3e5d05e4516feeb47bec96b1a8392d5a51ba10f13f4
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1d2da280861f17f6bd0c9ec30de6845d63c482039f0265ba0c25ab9fe3852999
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1dd35eca2f8ae96ca7e07712f0872924f523621d1c72e9b8fc7be4a45418fbce
1e0380df4c498644bb12391c4d0e5c39a625113e0906a8463ae473dfa6533720
1e4b624d21802f6f378ac0368fbc82aaebf4eed046ceb62c52527a7de9fedf60
1e55ff825d7664e533f64f8430a9782e343bf2b4f000dd7e230a6b01a7495a61
1f36185efe060f386c40a5f7175e6119beb87a3ea1d12679902938d22ae23277
1fa42b7ea91ab8d00859b62d4bfca986a76d98330fc69f46a39e72ebb0915b80
1fb11d98e1bdff89b5556445e957f666a0f587cf7d7a4594a59ae6abbe23784c
2063c61a28675f84cba5435a2e808552357f97aa32e187e185343ad6c716f3ed
21123e5e3595be5a8a955cdad6e0c755176c4a82d4121f2f2e189f6ebd21df80
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
21c63cd98cfc00244562cd177d65cd8c7721fed3a283ec6abf9330931f1f9f4f
23381a3edca7326a05ff5f071715a458bb8ac4cbad410e0941f90c5b8ad49f8c
2588fd4572f8538aa86dc073a6cc587452c4a658dcbf38dde6511eada4ebfec8
25b14465fdf41d6af58f04a4c012805943929f5870afbb64943f4147f3d434d3
25f547a38688056db912c3f924931e3409902038641582cbc480f2b2747e153f
2677fc5cd01b04e26bcdac454c02708609f10b800fe91734c20d17d5bcd5c371
26b6fe56ad4e8d293ef0f3f3aecdcbd57befae8b08812e9c98b64c0bb3edbeb1
272b7dc595eec42b41ed916b759ac267e759820b4f9112901d3ce4d1cb3be984
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2ac8ccd2fefc3fad3724c46ba371f4ddc4b624ee41d91d4b2dc1a5bb1c8de4f9
2b71e5e91026f203cf1a5e48ff380b69ed68c46e3fd56e40ef92633cdf19e670
2be14ecd1d08b798eb20e6aa2d3c0c86ceb57908ddcf657590bf99339fc222fd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32d8252aa82248f9179d1b23675ff59c006f724a58bd5574a15307718032f127
381a2b410397b19d91a5cc2d7c6f89675dfd1df296c241f923fb666e9364c598
38c8892accf2c810e1e9c9c213dae3597c4dcfe8ed1086b2e8bda4a514b16c21
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3ae581437d0b9d19e375e89ae8abf0d0d92807f52764548b4a967d76e7f40a40
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3bea5e6fdad6b61509fdee4cd2a36f3e5cfe314268e61116f24f0ea7ffe86e9e
3cc3c3419ff7c7f9ae3e59fa1a03d0bfe1638b5bab38785ccc4c95ba4bcdec7f
3d5bdf172eb6e52b44abed14adf9b0ce5ffcf6fc5a32d174d8880407c9801480
3e93f8475c215cc2ac3f301287a86f8861ab3b0488ea635fadc3eb559699f28a
3eba2ba27f523006ca2008d1ae7a0dd2077e67fab64caeabfb738cb0d952d26b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41e3058617b1953cfc91e7a267a2d4124ca7ba8651b071d19ee399be3cc176de
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4506712d78f3da989391a382d199c5f861d140c61d73e0449f009b77c48c8907
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
45f5a68fb3c11e426df0ca5e6f301787e25277e94bc79fbda41f3c501612b941
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f38359488d0624cedf0a83c97ed4b99b01d2e07f3ad9c0c14deebfd2ccb9c1
47bb0f37080ccfc30c693d34e475116572dd38e358f03708fd12d31486c3b1a6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491df0da96339bfbf33c6eb8c779b69a166ec96dea13127b5eaa0260de687d25
49e39c9df5a54a998fdd43fdbb918eaddc07c3a5846a1bac5b6657eb7cef12b6
4b206df18a75f19c50765981f0bae30111a3e5938cc805eaa8e2b3eb942a7864
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf753c1ce23c690959ba1b59e6527be184cd38e332499514daea51b4292d0d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dec00ffc67e9f03c4cab417e8d1f27eeba6d79aec2d4edb2e3f93bc02c8be40
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e778882a2500333f88f3ff359e2f884564ab96041642e718c530e31772d83bf
507fa711f89b65a3c5ea3d8a049e2b90983a6e7fa604092e87deeeaa7178c2e9
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
53b8b2f7cae39fa656971d0641b925ec36c12bb3a61d37970b85d9e7a1b5b16c
53be0578f87f1f73d305110acb20730521d0056775c76d688a5008c7781c7180
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594b2d722e711f3cf77ca3a0a73d75a1d9f1553203ef2f45f1e423c4eb28f7db
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
6081e4a68d706af77c4c3573d0af5c023934bdb7cd1855d2a2576e6bd899fe32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d7ff1050ade794a69b401340e13b032281f833139049bddf1926456eb8a182
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63d3058bdbe760a4536348413642eb6f051581f4c534792a99a3396a547666df
64db384e9c6ab41d01780ea1d88f3b8b84e9338c4ccab4ba58da1c9b21906d72
650bf3c2fb45b48d09d3eb66e8d90c9d9b76987aa7d731d55cc7622880d95649
65f55d359724c825b83c85631caa83080756e1b9e8063c6f2bab54ad5aab34e7
674e8b0f0de896ef982229fe9e4e88046008cee3ffc985875fb0d236c2c11c5d
683810dce918116ed2946b8cbb916262b228dc4e6ef391b25c1b00ebb4dab193
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6a168c5162134320b24bd4d33dcc17aca8607090021f791cffc523d6463e19fe
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6be67dc6303efffdb087459bc528b70ff8f9aeeb4ca3837e7d8fba3260910c33
6cc623bea73e51d8a09bfc0e952811fe0be67e5f37b0c0393629aea4969f82e1
6ece37269861884f765309296045560a938d5a24c3f7485e0489f6bd19575c6b
6ed72cb0c9b312f83130d6d81032c227eee93b87e3cd0279366699c6ae1c033c
6f960527aa0f461fd0bbed7c8af5b3c385903e569ab97883c7ff275d9dbaaf3a
706b208b8b90fc2ffd31212c127547653dee75f0ef0c8acfd29e4d4fb8d850f9
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
726d441f784bd658996e27149975e6d84e6228db7a53f8de9926e82e01cf436d
729ef5dba5dd3dfa5fb679668748d75561ac5f610d818a6ba8f057e8040112b7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
759bed2ca060eaca61886f857fcc79759e16d47c6668a97114b2cc18876ba3e3
75d9c00f76b574a2b7a591ae5ee6969d9e23b9aa7c527e1a648e2e6c0da5ca40
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
77d8a017f6033626102fdf13de83dfd8e009fa84f0360d9de0f6b234e30daffb
79ee2d6e13e8bbe212e805baccf2f07fd5efeb9288af74adf6e225c4bbba8dcc
7b2d13001ce692a6ee1fa7c42f6820046b5bb2726f25a00cfdd804f697539267
7c45c8d7d2e9d3669de7a6c0fd986213fe7286afbf144c717cb0445faa515ae4
7ccbd47cf14ab7da85c575857ecbac28f7185fdf6f37314f7184c843bac7c77f
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
7ec11d6f4b5719c46aaf605565d7277e94f19868af76da4a2eccb26c53c68428
80bd0e84cf3e48d489514a948e88b09bcaa1a7208407566ec9c0c200adf01e46
80c9671594b35dca109b7ecf4d7ca12db35663ba90b6e591fee421a3d3a6816a
81b430c9d4cef647d06c6870eadfe8114e77b947f31dc8593228c28d5fa91e73
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
876f64800eddd600e46bf7b49c432bd929db8a738552559b2ea96e46ede87181
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
8b78a61b96c6dedea1627a6730922db1c911ce35722f032d4a7086891de33663
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8bbaf7f99000c8db41dc83a3391f120b31bb8fc88dd9bdb5ce4050f59c56eda8
8c330137db0347dc6a56e5090cb4ec826c1d322ee56f0ef4bc40054ecd707fa2
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0df3dba239ddedac87859f71294ed080e4785e88d44566978c87f247dd456
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fa7a4a7640888a83f0bb2f74c2007f440adaa1786bcc7a2d76dba05d13ccdba
90e6acca4da0f2b5af47b18d98ac4f1addb4cf28ac7964dfe1f160ec0549b38e
915fcfd12e4199f970f19c3e0106b3b9387bf45df4c62722fbade10208be9e96
926cfdbcb7e64be5b911524c61c376f4d33faa2535486a2cebadb34153ed7529
943030a2bb4a69de7b031fefa25844e7cfd27154a2ba1f4b05d180a55273ab21
9524d2ae6e61c459599fa14533a3ec11f76e5f3360dd56bc1095b945e7bfb70f
9592277d735d99ffeb1eeeb8cb0010c95bee75dfe8356e1713ec09d031e430a0
95d9e987f13cab8761ab808e0535802234afee17ae943deab91994e67ab6c3ca
960fddc46f777552b4927f37eb092a9d70382a3e28294ae31854a15d6709c0d2
96426268a90c453e486ce8291f4a41e477026e2f9100d175087f7e52a27bb088
9715d07dab2c950a54ddf985dad8855377362b8f85f9f01b79da760a0bb4a559
9758bec686933aebdcc3a08fba29448de47c5faae5b8bd07b4840217e62d00fc
97d150121d68c50693e42c1d7c5762d8d3ef0f993ed16a5d7876e6bc1d5f999a
9850e6221e44f3b81cdfd5df62bd43bec950dfed4d987d868fb0d5953bce3ec0
9969c20b05385e44eef49078bb0fbffd8dd6081b90adf392fbcad9a894fa549a
997fb9216ddd5077b48778c1b4161c0b1891755230bc9dd371f1ecd0fb63cc7c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b27ea1a597eeb9af27c5e1594041e8338fc6bf9004080ac6d74ec354f94a1d8
9b2bfc1e730ab42676184488b79dbc30e1da9b1ee59de59d3344323aa5bac87e
9d68b741aed59e2715ac8f8588394481256359c6a951c44074fa7deb04f4e1b4
9edb39411fafc977bb830ee89662ae5c539a94f3d296817e6eebec977496dd06
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ffd9148502527101428184082d3f169369aa4ba51720bd2eef686fc06571bfd
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0516d91dead3fa38bef64683d087460753209e723db56ce3ee1fcb1dbd84162
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1954ef253b2caf9e745776c489159a5aed757facdd89eff63a403faf0a92900
a2ae23336358c0ae9ada9c74a7f06f2c1cef4caaf01d279b07d83c1dccd91803
a4bc4b2d5be74e35ae8a2ef95ffa321bf0fc9baae937ae2e017eb42ea753b87f
a63dfafeb1e16958219c7a35e30625e86b3c11db90f0990fb68fa7181e7de73b
a6a936bf89e1100e04af426880bbbbcdf995f6501eb58a5e7ca3382b0ce74ac3
a6c7b3f12d189ff1bd6aeb59bde7ab8b6008b509d7d5b57fbb755ebd0d21d13c
a6fd9f240e0e9f6cb8ecf113864ccabd6da95814262acd2426b0cef78ed9b777
a7a643c364778798042a3f114d00ce30a8a3977a8d91a1f0ee6e5ff74a0c3c7b
a8b99561873fcbdc0f632128e188469c973ed41b26147cd56fbd05dd8c70e172
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aba7d65f6dbda36baaa184612f1d3a08addef403fb672b098c636811bbefe7cd
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
ad7e6af41a63849cd0614109b738f6f0a7cc5a9c54179e694aee3314e0350494
addf66c2238104c87752aaf7a7bed657ef4c09a89366068e53adfb1a8e375944
afb33b3f4e2278ae6b077044dc307bb2478f4988afa6621e8e168e9e4f53c59e
b0713d786e7a4ac5eb44e8d6a99f11db878af25c55068653aca40675a1b0c1f5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17acea07c08d52c39004420a83cac3d1589d7d5024dfa7eec393d17aee8968c
b4a218191162776239931595fca9726278c948bb42e3fb69115174eb6cffde10
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b6a9ae184cce1b682c95f3018f7a6d6f2d9bad4960563fdf889581819014defc
b84304e1bba117beb11784bf6206dff5e402dede2570f97cde03e1eb05c3f995
ba4d9cd21d6a6e5d0defbc1095265febc940cf4ccee12d1fdff83c8beab9938a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbc0a19af52226a93e42bc25c8896146174763c549ed22e6708b8db85db5641d
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bd234e0f1a3d0ca947feac17c9cdd2dfa4b25a901bc36e1a959d5e11aeac88da
bda9ec230e9fd779256cde4a4b7687c6fbfab102624bed226faca3e27d255716
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
c3ecf31e703f59a268f18b82ef3d290ae24f91bda18a770a42798ad1ea0fa0a5
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c5967783af61b4135af96b01f2c73aab8f29c85a20149e1af64f3d361c9c30b5
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c9d72d6ebd81dc728a1f824bb6c7720b7173fe64301bdff0759c2b172a22bd3e
caac6e535c3deaa4e2f98a546d095270194905528348f7776a8ac6a6491c5c93
ccf0c4e5bad2cd6f6c98b60ebb23d7a0ae0556c6703376579c0f3801dc7d6b5d
cd969993c116a6d755c7817f30ae43e7c9750ddab9f0457fb707f5fa1881fb93
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce30fd214bd6c8cb11fa3f559ffecb0eed2eab3edfa803a791280f90c7088a03
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cf3b6fe29869190115eb9993292db2febc2e35b4612c2a89d6457d94da0c875b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7e0329f4a0a3e793fe28c057124500be62b4f108c3a16ac0b414187ee9c5b8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0df0150b3a2c0a2e388ec9e067c75abebb80f6610d674b04772ec86825944a7
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1da62fde5c639796f482fceef768f9024d753165047f98962427937831331f2
d4c5755ac183cdaa5f800cbed4bc204132a31490c7386a399c8e158febae3e4f
d4f5eb1f1274137257143c6a333fcb2dd2d28f52f46e0b80bfca730b2986b8d2
d64dde2d9531c2eb5ed9b8021f6caaa889bb2d3ec11b2a65ba82443bfd618301
d6b8e0e0d438ecc28c4bb0bb3dbdf9b9762252c85d774843758f9d83e0244ec3
d7e6f9e2fa462fbce98aeda500587f89f3243551a948f6d7225e5c9098562ee4
d89965f982a0fd0704c8b4eb5701fc8da3e5a0de08db70caf4b54fb967459862
d9945b11548b197af8d011926f6758b2278e9f8032bcb99d7588b6f2f1be90dc
dcc6bdfbf23d9bf24eec3ce9ff555ec79fedee0f24541d6a680db305a018d290
dceb94d1f8ed6e37fb34636d5d965c86f11d7fcc8965eb4655420993e6523efc
dd9e7a67b7118029754231ed69d1b6d001de819e4c28bbfe163bf2908284b5a2
ddff624349b5a6a215933510cc0351bd1caecb36ffbc09de71ae04e60a6bcc0c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df87ca4c937c81f38449c13404f4ada44b47652c88bb6e71ec38ee8b3a0e1d45
e131cde2cb0c7a07be92160d5080716139f800636d471cd2c0a5e3c1310cf4f5
e1846ba40ebb2099d0d6537679a8dd5f28175eef55ae70eb00b8bbb8f244d8c6
e226001a4667de86a4bc798fd504bac9625facc2b0856982b257b39992f77aa8
e2a65cae050542e3585a6f0d8b78f2df68d6f0a6424e94466f585f846ed9fee0
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42fc1d3b5cc6cc1d1ec4117b9c4b4d0d44c6a1577c1eda448ad7953865b937d
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e82b9a956c59a73385a4573657856764668338ed372995994a8234266ee45e20
e9778e94d326ed6da8b069c5870e679fd878464e3060a70ab70207d84471ca92
e9bc564c7380a92298c9a3a362d6913fd593f7eef68f4fd94057694a4d55d423
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec2b997f9a42928846dda27375896a0e2c3fb57724a22cf9f281826e7e29c0f9
ee1bd6c6c0d14967abae5d591f718b6387386c22c71900fb3721c1e00cef2c5a
eebb258ecb3b636fb3771b4b9159a469216b59722582286ba68d1fe948e7e509
ef0959367ff11c84af542c4f7b75a7f93f2f752cef10e15d52e6bae527549322
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f195a923dab718f079d1ba6607322bd395c5e246569f815f7b266db76116fd1d
f2028ec8a2e0e67b31af83a46cf13b9af04c64d960e6f6dca2e5d086c5043b51
f3626395a3596984e23ef3c2e882eee1fe93e4830f6c6b90ba9aad5028d2b6c5
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f3e15c8c652037a48cdfd166c79433f19ccedbf4d660770128a4ed2f3f4ce64f
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f48a1000003bf34c55964594a663ad739d66290ac2d2cda053a74b9eae6af18c
f507371c5a6b31b8b2af500d91c23f21bdd4e11cd221613b69f5d259f3faaa3a
f6010a78b9c16880b83cfa2a9b99e242d8bce1f179c0a516e946394bdacce0b1
f60ffca9be5cbc4640d7969b29077f38a61ec08544826effe2d86de72dc3051d
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f909c2c2a9a335ceeff177e65ba49c14fce81c73ac2aa304180243815f9e2f05
f9d9f5036d0bd2be56f58b96153837812b097932175127c8b0261eb0ba7b58de
fa849a8f2c4f93d1e474e70bf056c61c02fff1efa7e79a5f022693d052cb5f63
fb0c4d0ecb73dd9f05ff5211f7e61f9e1e23cae6850cfd094c9e3fb46a10dbbb
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
febd6d5e2dd9d20877725e3f60711f107e2e2a712baaa4a1f61df9686e2f273c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3ac8df8ea694c1116204d470b40815360e936ac757b757a1db06aab5d37de2