urlscan.io logo urlscan.io
SecurityTrails logo

extra.globo.com Open in urlscan Pro
186.192.81.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.ly/pwcQonAV
Effective URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassin...
Submission: On September 21 via manual from DE — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 171 IPs in 19 countries across 151 domains to perform 1051 HTTP transactions. The main IP is 186.192.81.177, located in Duque de Caxias, Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is extra.globo.com. The Cisco Umbrella rank of the primary domain is 545049.
TLS certificate: Issued by R3 on August 18th 2023. Valid for: 3 months.
This is the only time extra.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 186.192.81.177 28604 (Globo Com...)
25 186.192.90.3 28604 (Globo Com...)
6 2a00:1450:400... 15169 (GOOGLE)
7 13.224.192.181 16509 (AMAZON-02)
7 186.192.91.5 28604 (Globo Com...)
7 186.192.91.9 28604 (Globo Com...)
3 99.86.4.128 16509 (AMAZON-02)
3 108.138.9.235 16509 (AMAZON-02)
2 5 13.32.99.105 16509 (AMAZON-02)
32 2a00:1450:400... 15169 (GOOGLE)
7 9 23.37.42.132 16625 (AKAMAI-AS)
1 34.95.229.88 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 35.211.79.33 19527 (GOOGLE-2)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
24 2a02:2638:3::3 44788 (ASN-CRITE...)
3 65.9.66.68 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
2 23 67.220.224.144 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
13 35 185.89.210.90 29990 (ASN-APPNEX)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
1 89.149.192.65 60781 (LEASEWEB-...)
18 2a00:1450:400... 15169 (GOOGLE)
4 162.19.138.119 16276 (OVH)
1 186.192.81.117 28604 (Globo Com...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 5 2a02:2638:d::d 44788 (ASN-CRITE...)
1 35.190.39.111 15169 (GOOGLE)
3 5 54.171.14.223 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
23 151.101.65.44 54113 (FASTLY)
2 35.244.153.86 15169 (GOOGLE)
2 35.198.52.213 396982 (GOOGLE-CL...)
3 35.156.21.31 16509 (AMAZON-02)
1 178.250.1.11 44788 (ASN-CRITE...)
13 184.30.16.195 16625 (AKAMAI-AS)
2 16.182.101.80 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
14 104.16.80.121 13335 (CLOUDFLAR...)
1 3.19.54.139 16509 (AMAZON-02)
1 52.25.155.196 16509 (AMAZON-02)
1 5 34.98.64.218 396982 (GOOGLE-CL...)
3 3 2600:9000:211... 16509 (AMAZON-02)
6 6 35.214.166.168 15169 (GOOGLE)
7 7 50.31.142.127 23352 (SERVERCEN...)
2 116.202.150.116 24940 (HETZNER-AS)
4 19 104.18.27.193 13335 (CLOUDFLAR...)
6 52.28.250.143 16509 (AMAZON-02)
22 184.30.22.30 16625 (AKAMAI-AS)
5 6 185.86.138.150 201081 (SMARTADSE...)
3 2a02:2638:d::4 44788 (ASN-CRITE...)
20 2a00:1450:400... 15169 (GOOGLE)
7 8 37.157.6.243 198622 (ADFORM)
21 52.223.40.198 16509 (AMAZON-02)
17 47 142.250.186.66 15169 (GOOGLE)
1 6 198.47.127.19 62713 (AS-PUBMATIC)
21 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 11 52.46.130.91 16509 (AMAZON-02)
2 3 35.174.117.224 14618 (AMAZON-AES)
1 1 34.160.19.107 15169 (GOOGLE)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
6 7 151.101.66.49 54113 (FASTLY)
3 178.250.7.9 44788 (ASN-CRITE...)
2 13.32.121.65 16509 (AMAZON-02)
4 14 69.173.144.139 26667 (RUBICONPR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.198.44.170 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 34.247.147.142 16509 (AMAZON-02)
14 151.139.128.10 20446 (STACKPATH...)
27 51 95.101.54.217 20940 (AKAMAI-ASN1)
18 21 18.194.60.143 16509 (AMAZON-02)
9 13 2a05:d018:d29... 16509 (AMAZON-02)
2 212.36.83.246 15699 (AS_ADAM A...)
8 10 69.173.144.165 26667 (RUBICONPR...)
2 7 216.52.2.91 32475 (SINGLEHOP...)
2 138.197.55.50 14061 (DIGITALOC...)
2 34.107.148.139 396982 (GOOGLE-CL...)
5 185.64.189.112 62713 (AS-PUBMATIC)
10 2a02:2638:3::10 44788 (ASN-CRITE...)
8 2a02:2638:d::11 44788 (ASN-CRITE...)
3 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 154.59.122.79 174 (COGENT-174)
1 54.178.182.181 16509 (AMAZON-02)
1 2 2.16.97.41 16625 (AKAMAI-AS)
7 10 2620:116:800d... 16509 (AMAZON-02)
12 12 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 35.190.0.66 15169 (GOOGLE)
3 3 213.155.156.164 1299 (TWELVE99 ...)
3 6 76.223.111.18 16509 (AMAZON-02)
2 2 178.250.7.11 44788 (ASN-CRITE...)
3 14 198.47.127.205 3257 (GTT-BACKB...)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.4.190.58 14618 (AMAZON-AES)
1 10 185.64.191.210 62713 (AS-PUBMATIC)
3 4 35.204.158.49 396982 (GOOGLE-CL...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
7 90 69.20.43.192 27357 (RACKSPACE)
3 2a02:2638:3::9 44788 (ASN-CRITE...)
1 35.241.9.51 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 34.107.254.252 396982 (GOOGLE-CL...)
1 3 47.252.78.131 45102 (ALIBABA-C...)
2 2 8.2.110.134 46636 (NATCOWEB)
5 5 2001:678:cb4:... 56396 (AMOBEE)
6 6 52.7.89.35 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
25 34.149.50.64 15169 (GOOGLE)
1 104.19.150.54 13335 (CLOUDFLAR...)
1 35.201.123.184 396982 (GOOGLE-CL...)
18 185.106.33.48 200478 (TABOOLA-AS)
3 151.101.129.44 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:780... 20940 (AKAMAI-ASN1)
3 10 168.119.72.236 24940 (HETZNER-AS)
1 67.202.105.21 32748 (STEADFAST)
18 185.255.84.153 200271 (IGUANE-)
1 8 51.89.9.254 16276 (OVH)
6 6 208.93.169.131 46244 (WEBMD-IDC...)
5 9 185.86.139.93 201081 (SMARTADSE...)
3 3 35.210.53.219 15169 (GOOGLE)
5 6 3.75.62.37 16509 (AMAZON-02)
4 4 34.246.32.191 16509 (AMAZON-02)
1 7 37.157.2.234 198622 (ADFORM)
6 6 185.184.8.90 204995 (RTB-HOUSE...)
2 2 82.145.213.8 39832 (NO-OPERA)
1 2600:9000:223... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 23.67.137.210 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.17.76 16509 (AMAZON-02)
12 12 52.212.143.67 16509 (AMAZON-02)
1 1 104.22.69.131 13335 (CLOUDFLAR...)
5 5 198.47.127.18 62713 (AS-PUBMATIC)
5 198.47.127.20 62713 (AS-PUBMATIC)
1 1 45.137.176.88 60350 (VP)
1 1 167.235.184.171 24940 (HETZNER-AS)
1 34.251.244.57 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 192.132.33.69 18568 (BIDTELLECT)
2 35.244.174.68 15169 (GOOGLE)
1 68.232.35.16 15133 (EDGECAST)
1 2a01:4f8:261:... 24940 (HETZNER-AS)
1 34.160.236.64 396982 (GOOGLE-CL...)
2 2 34.107.184.81 396982 (GOOGLE-CL...)
1 3 193.0.160.130 54312 (ROCKETFUEL)
3 8 35.244.159.8 15169 (GOOGLE)
2 3 35.227.252.103 15169 (GOOGLE)
2 2 63.35.23.211 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
7 151.101.193.108 54113 (FASTLY)
1 151.101.1.108 54113 (FASTLY)
3 185.64.189.226 62713 (AS-PUBMATIC)
2 162.19.138.118 16276 (OVH)
9 141.226.228.48 200478 (TABOOLA-AS)
1 185.170.62.230 27381 (CASALE-MEDIA)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
10 34.243.93.43 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 52.18.35.108 16509 (AMAZON-02)
10 184.30.16.183 16625 (AKAMAI-AS)
2 8 185.239.172.77 55081 (24SHELLS)
9 9 46.228.174.117 56396 (AMOBEE)
1 1 91.210.226.74 48314 (IP-PROJECTS)
1 1 217.79.178.236 24961 (MYLOC-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
2 35 34.247.233.198 16509 (AMAZON-02)
2 2 51.68.39.188 16276 (OVH)
4 6 64.202.112.255 22075 (AS-OUTBRAIN)
2 2 52.22.163.254 14618 (AMAZON-AES)
2 38.91.45.7 398989 (DEEPINTENT)
1 1 3.231.191.235 14618 (AMAZON-AES)
3 3 98.98.134.243 21859 (ZEN-ECN)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 124.146.215.43 2514 (INFOSPHER...)
2 2 80.77.87.163 46636 (NATCOWEB)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 173.231.180.197 32475 (SINGLEHOP...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
4 4 141.94.170.64 16276 (OVH)
2 2 31.172.81.158 44066 (DE-FIRSTC...)
1 1 134.122.57.34 14061 (DIGITALOC...)
1 104.18.24.18 13335 (CLOUDFLAR...)
1 46.137.70.201 16509 (AMAZON-02)
7 69.16.175.10 20446 (STACKPATH...)
2 2600:9000:21f... 16509 (AMAZON-02)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.186.154.107 15169 (GOOGLE)
1 1 141.95.171.142 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
13 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 18.204.125.213 14618 (AMAZON-AES)
11 34.228.88.143 14618 (AMAZON-AES)
13 35.158.149.186 16509 (AMAZON-02)
1 2 2a05:d018:191... 16509 (AMAZON-02)
3 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2 23.56.205.163 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 147.135.143.112 16276 (OVH)
12 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
9 3.227.105.123 14618 (AMAZON-AES)
2 2 147.75.84.158 54825 (PACKET)
3 3 18.134.84.21 16509 (AMAZON-02)
2 2 35.170.236.174 14618 (AMAZON-AES)
1 216.52.2.86 30282 (AS-INAPCD...)
1 1 69.173.151.100 26667 (RUBICONPR...)
1 3.66.233.77 16509 (AMAZON-02)
1051 171
1    2606:4700:10::ac43:8ee (United States)

ASN13335 (CLOUDFLARENET, US)
cutt.ly
1    186.192.81.177 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-177.prt.globo.com
extra.globo.com
25    186.192.90.3 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com
s3.glbimg.com
6    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
7    186.192.91.5 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
barra.globo.com
p.glbimg.com
s.glbimg.com
7    186.192.91.9 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2-extra.glbimg.com
3    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
3    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
5    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
32    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
9    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
1    34.95.229.88 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com
globo-ab.globo.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    35.211.79.33 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
3    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2250:6200:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
24    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
7    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com
23    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
35    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
ams3-ib.adnxs.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    89.149.192.65 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
18    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    186.192.81.117 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
5    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
5    54.171.14.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    2a00:1450:4001:831::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
3    2606:4700:3033::ac43:9fa2 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
23    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
imprammp.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
vidanalytics.taboola.com
wf.taboola.com
2    35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com
cocoon.globo.com
2    35.198.52.213 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.52.198.35.bc.googleusercontent.com
globo-mab.globo.com
3    35.156.21.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-21-31.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
13    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    16.182.101.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    104.16.80.121 (None, )

ASN13335 (CLOUDFLARENET, US)
t.seedtag.com
cs.seedtag.com
config.seedtag.com
creatives.seedtag.com
video.seedtag.com
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
1    52.25.155.196 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-155-196.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
eu-u.openx.net
us-u.openx.net
u.openx.net
3    2600:9000:211e:200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
6    35.214.166.168 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 168.166.214.35.bc.googleusercontent.com
csync.loopme.me
7    50.31.142.127 (Hickory Hills, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    116.202.150.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.het.mrf.io
events.newsroom.bi
19    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
htlb.casalemedia.com
dsum.casalemedia.com
6    52.28.250.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
match.sharethrough.com
22    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
3    2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
20    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
21    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
47    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
21    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    35.174.117.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-117-224.compute-1.amazonaws.com
rtb.adentifi.com
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
7    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr3.eu.criteo.com
2    13.32.121.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-65.fra60.r.cloudfront.net
client.aps.amazon-adsystem.com
14    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com
usergate.globo.com
1    2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
3    34.247.147.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-147-142.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
14    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
51    95.101.54.217 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
21    18.194.60.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-60-143.eu-central-1.compute.amazonaws.com
x.bidswitch.net
13    2a05:d018:d29:3601:970f:dde0:5c57:1e8b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    212.36.83.246 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es
a.vidoomy.com
10    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
7    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    138.197.55.50 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.resetsrv.com
2    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
10    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
8    2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    54.178.182.181 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-182-181.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
10    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
secure.quantserve.com
pixel.quantserve.com
12    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
openx2-match.dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
6    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
14    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.4.190.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-190-58.compute-1.amazonaws.com
a.audrte.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
4    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
90    69.20.43.192 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
cs.lkqd.net
t.lkqd.net
3    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
7    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
3    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
2    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    52.7.89.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-89-35.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
25    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
18    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
3    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a02:26f0:780::5f65:366b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
10    168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de
sync.richaudience.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
18    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
8    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
6    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
9    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
rtb-csync.smartadserver.com
3    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
4    34.246.32.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-32-191.eu-west-1.compute.amazonaws.com
ad.360yield.com
7    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
adx.adform.net
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    2600:9000:223c:e000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    108.138.17.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-76.fra56.r.cloudfront.net
api-2-0.spot.im
12    52.212.143.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-143-67.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
5    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
5    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
1    34.251.244.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-244-57.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 69.bidtellect.com
bttrack.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
1    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ced-ns.sascdn.com
1    2a01:4f8:261:2acb::2 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
s.spotim.market
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    34.107.184.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.184.107.34.bc.googleusercontent.com
nxd.adhaven.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
u.openx.net
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    63.35.23.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-23-211.eu-west-1.compute.amazonaws.com
r.scoota.co
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
7    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
3    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
2    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-vid-events.taboola.com
am-match.taboola.com
sync.taboola.com
am-wf.taboola.com
1    185.170.62.230 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a4548.casalemedia.com
13    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
10    34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
s.update.indexww.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
4    52.18.35.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
10    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
crcdn01.adnxs-simple.com
8    185.239.172.77 (United Kingdom)

ASN55081 (24SHELLS, US)
sync.spotim.market
9    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    91.210.226.74 (Germany)

ASN48314 (IP-PROJECTS, DE)
ads.smartstream.tv
1    217.79.178.236 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm47.as.net
cm.adsafety.net
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
35    34.247.233.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
2    51.68.39.188 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
6    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    52.22.163.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-163-254.compute-1.amazonaws.com
sync.ipredictive.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    3.231.191.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-191-235.compute-1.amazonaws.com
media.sabio.us
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    85.114.159.118 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    173.231.180.197 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: ams-delivery-4.sys.adgear.com
cm.adgrx.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
pixel-eu.onaudience.com
2    31.172.81.158 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    46.137.70.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-70-201.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
7    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
vast.aniview.com
2    2600:9000:21f3:800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.186.154.107 (Singapore)

ASN15169 (GOOGLE, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
1    141.95.171.142 (France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
13    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    18.204.125.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-125-213.compute-1.amazonaws.com
gov.aniview.com
11    34.228.88.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-88-143.compute-1.amazonaws.com
track1.aniview.com
13    35.158.149.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
2    2a05:d018:1914:d732:916f:481d:8a41:2291 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
4cywq-eqnre.ads.tremorhub.com
3    2600:1f18:1aca:4281:43fd:8cd4:5872:a15c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
2    23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:bae0 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.ch
1    147.135.143.112 (Villeurbanne, France)

ASN16276 (OVH, FR)
min.tryiqos.ch
12    2a02:26f0:480:f::213:7ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.stickyadstv.com
1    2603:c020:400d:3000:67b7:1059:7283:c690 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
9    3.227.105.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-105-123.compute-1.amazonaws.com
sync.aniview.com
2    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    18.134.84.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-21.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    35.170.236.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-236-174.compute-1.amazonaws.com
ssp.disqus.com
1    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    3.66.233.77 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-233-77.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
Apex Domain
Subdomains		 Transfer
104 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 27352
v.lkqd.net — Cisco Umbrella Rank: 19778
cs.lkqd.net — Cisco Umbrella Rank: 3391
t.lkqd.net — Cisco Umbrella Rank: 22374
436 KB
80 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
626 KB
75 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2681
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3593
eus.rubiconproject.com — Cisco Umbrella Rank: 916
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3048
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5915
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1711
272 KB
63 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
cdn.stickyadstv.com — Cisco Umbrella Rank: 10439
875 KB
61 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
image2.pubmatic.com — Cisco Umbrella Rank: 1547
image8.pubmatic.com — Cisco Umbrella Rank: 1061
image4.pubmatic.com — Cisco Umbrella Rank: 1978
t.pubmatic.com — Cisco Umbrella Rank: 3482
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
411 KB
53 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1262
pm-widget.taboola.com — Cisco Umbrella Rank: 3991
trc.taboola.com — Cisco Umbrella Rank: 907
il-trc-events.taboola.com — Cisco Umbrella Rank: 16209
vidstat.taboola.com — Cisco Umbrella Rank: 3587
imprammp.taboola.com — Cisco Umbrella Rank: 11278
am-vid-events.taboola.com — Cisco Umbrella Rank: 10788
am-match.taboola.com — Cisco Umbrella Rank: 13197
sync.taboola.com — Cisco Umbrella Rank: 1624
vidstatb.taboola.com — Cisco Umbrella Rank: 9042
vidanalytics.taboola.com — Cisco Umbrella Rank: 10636
wf.taboola.com — Cisco Umbrella Rank: 3685
am-wf.taboola.com — Cisco Umbrella Rank: 13824
734 KB
49 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 16825
210 KB
48 googlesyndication.com
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com
238 KB
43 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 9334
player.aniview.com — Cisco Umbrella Rank: 2710
gov.aniview.com — Cisco Umbrella Rank: 7280
track1.aniview.com — Cisco Umbrella Rank: 2842
sync.aniview.com — Cisco Umbrella Rank: 2660
1 MB
43 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
acdn.adnxs.com — Cisco Umbrella Rank: 960
cdn.adnxs.com — Cisco Umbrella Rank: 2546
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6584
159 KB
42 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8000
csm.eu.criteo.net — Cisco Umbrella Rank: 7577
292 KB
39 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2264
usersync.gumgum.com — Cisco Umbrella Rank: 2735
12 KB
39 seedtag.com
t.seedtag.com — Cisco Umbrella Rank: 11678
s.seedtag.com — Cisco Umbrella Rank: 4982
cs.seedtag.com — Cisco Umbrella Rank: 13730
config.seedtag.com — Cisco Umbrella Rank: 16738
creatives.seedtag.com — Cisco Umbrella Rank: 27193
video.seedtag.com — Cisco Umbrella Rank: 84606
390 KB
38 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 96757
s2-extra.glbimg.com
p.glbimg.com — Cisco Umbrella Rank: 157849
s.glbimg.com — Cisco Umbrella Rank: 114155
1 MB
22 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
grid.bidswitch.net — Cisco Umbrella Rank: 1511
6 KB
21 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
5 KB
20 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
htlb.casalemedia.com — Cisco Umbrella Rank: 803
a4548.casalemedia.com — Cisco Umbrella Rank: 483448
dsum.casalemedia.com — Cisco Umbrella Rank: 2664
14 KB
19 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2163
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
csync.smartadserver.com — Cisco Umbrella Rank: 4577
sync.smartadserver.com — Cisco Umbrella Rank: 2057
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
28 KB
18 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1162
5 KB
18 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
9 KB
18 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2190
google-bidout-d.openx.net — Cisco Umbrella Rank: 2191
eu-u.openx.net — Cisco Umbrella Rank: 3562
us-u.openx.net — Cisco Umbrella Rank: 863
u.openx.net — Cisco Umbrella Rank: 1024
rtb.openx.net — Cisco Umbrella Rank: 1029
3 KB
18 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
373 KB
18 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 640
mug.criteo.com — Cisco Umbrella Rank: 1822
ads.eu.criteo.com — Cisco Umbrella Rank: 7499
cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 8966
dis.criteo.com — Cisco Umbrella Rank: 910
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13805
152 KB
15 adform.net
c1.adform.net — Cisco Umbrella Rank: 954
dmp.adform.net — Cisco Umbrella Rank: 4243
cm.adform.net — Cisco Umbrella Rank: 1654
adx.adform.net — Cisco Umbrella Rank: 3884
9 KB
13 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10446
as.ad4m.at — Cisco Umbrella Rank: 29602
assets.ad4m.at — Cisco Umbrella Rank: 38846
244 KB
13 globo.com
extra.globo.com — Cisco Umbrella Rank: 545049
barra.globo.com — Cisco Umbrella Rank: 222126
globo-ab.globo.com — Cisco Umbrella Rank: 105657
horizon.globo.com — Cisco Umbrella Rank: 90127
horizon-schemas.globo.com — Cisco Umbrella Rank: 86364
cocoon.globo.com — Cisco Umbrella Rank: 138569
globo-mab.globo.com — Cisco Umbrella Rank: 112290
horizon-track.globo.com — Cisco Umbrella Rank: 68629
usergate.globo.com — Cisco Umbrella Rank: 124686
131 KB
12 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
6 KB
12 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5383
openx2-match.dotomi.com — Cisco Umbrella Rank: 7812
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 9796
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
casale-match.dotomi.com — Cisco Umbrella Rank: 5639
4 KB
11 indexww.com
s.update.indexww.com — Cisco Umbrella Rank: 16555
js-sec.indexww.com — Cisco Umbrella Rank: 1069
54 KB
10 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 5664
39 KB
10 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2941
4 KB
10 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
secure.quantserve.com — Cisco Umbrella Rank: 1803
pixel.quantserve.com — Cisco Umbrella Rank: 1594
13 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 254
569 KB
9 spotim.market
s.spotim.market — Cisco Umbrella Rank: 7200
sync.spotim.market — Cisco Umbrella Rank: 4005
5 KB
9 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1025
unified.adsafeprotected.com — Cisco Umbrella Rank: 1719
static.adsafeprotected.com — Cisco Umbrella Rank: 851
dt.adsafeprotected.com — Cisco Umbrella Rank: 765
173 KB
8 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
3 KB
8 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2885
cdn.permutive.com — Cisco Umbrella Rank: 3714
80 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
ce.lijit.com — Cisco Umbrella Rank: 1486
3 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
37 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
3 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1 KB
7 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 906
3 KB
7 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2880
creativecdn.com — Cisco Umbrella Rank: 821
3 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
93 KB
6 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1259
2 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
5 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
4 KB
6 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 713
2 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 876
68 B
6 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
1 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 331
119 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
2 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
3 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 11
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 239
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3680
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527
2 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1002
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 googleapis.com
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 153487
fonts.googleapis.com — Cisco Umbrella Rank: 113
imasdk.googleapis.com — Cisco Umbrella Rank: 657
150 KB
3 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4376
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2364
a.ad.gt — Cisco Umbrella Rank: 2797
4 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
2 KB
3 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 7682
908 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
region1.google-analytics.com — Cisco Umbrella Rank: 1878
21 KB
3 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 5365
713 B
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
867 B
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
15 KB
3 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1944
526 B
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1092
1 KB
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 28569
a.vidoomy.com — Cisco Umbrella Rank: 3843
6 KB
3 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 11072
49 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2272
1019 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
528 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16620
1 KB
2 tremorhub.com
4cywq-eqnre.ads.tremorhub.com — Cisco Umbrella Rank: 47835
1 KB
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5981
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
1 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
676 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1518
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1516
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1610
60 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1542
930 B
2 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4515
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
949 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313
804 B
2 scoota.co
r.scoota.co — Cisco Umbrella Rank: 30407
1 KB
2 adhaven.com
nxd.adhaven.com — Cisco Umbrella Rank: 59032
367 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1301
idsync.rlcdn.com — Cisco Umbrella Rank: 719
44 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2330
2 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2416
19 KB
2 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662
34 KB
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
1 KB
2 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 9664
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
67 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
497 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2022
604 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1975
2 KB
2 resetsrv.com
ads.resetsrv.com — Cisco Umbrella Rank: 19143
762 B
2 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 8814
2 KB
2 amazonaws.com
s3.amazonaws.com
36 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
3 KB
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2443
406 B
1 tryiqos.ch
min.tryiqos.ch
687 B
1 conrad.ch
www.conrad.ch
492 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 11001
1 erne.co
green.erne.co — Cisco Umbrella Rank: 27364
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 4660
639 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 5404
308 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
279 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
369 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4098
439 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
282 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
524 B
1 sabio.us
media.sabio.us — Cisco Umbrella Rank: 30684
234 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 16085
1 KB
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 19826
823 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 2038
213 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 3626
3 KB
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1445
163 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1999
534 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3690
383 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2756
764 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 3971
661 B
1 spot.im
api-2-0.spot.im — Cisco Umbrella Rank: 3664
457 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1617
1 KB
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 2383
303 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1718
1 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 89253
8 KB
1 prmutv.co
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 255592
394 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 830
650 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11243
553 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 11013
44 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2199
668 B
1 permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 145516
322 KB
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 17207
245 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2674
365 B
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 234649
461 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6085
603 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2392
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2724
3 KB
1 cutt.ly
cutt.ly — Cisco Umbrella Rank: 50739
490 B
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
0 dyntrk.com Failed
gu.dyntrk.com Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 zqtk.net Failed
aps.zqtk.net Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 globoi.com Failed
id.qa.globoi.com Failed
1051 151
Domain Requested by
51 ads.stickyadstv.com 27 redirects extra.globo.com
ssum-sec.casalemedia.com
ad.lkqd.net
cdn.stickyadstv.com
47 cm.g.doubleclick.net 17 redirects google-bidout-d.openx.net
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
extra.globo.com
aax-eu.amazon-adsystem.com
googleads.g.doubleclick.net
rtb.gumgum.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
42 t.lkqd.net ad.lkqd.net
35 usersync.gumgum.com 2 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
32 cs.lkqd.net 7 redirects ad.lkqd.net
extra.globo.com
30 securepubads.g.doubleclick.net s3.glbimg.com
securepubads.g.doubleclick.net
extra.globo.com
www.googletagservices.com
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
25 s.seedtag.com s3.glbimg.com
cs.seedtag.com
ads.pubmatic.com
extra.globo.com
25 s3.glbimg.com extra.globo.com
s3.glbimg.com
p.glbimg.com
s.glbimg.com
barra.globo.com
www.googletagmanager.com
24 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
ads.rubiconproject.com
s3.glbimg.com
23 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
google-bidout-d.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
client.aps.amazon-adsystem.com
rtb.gumgum.com
22 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
cs.seedtag.com
visitor.omnitagjs.com
imprammp.taboola.com
am-match.taboola.com
rtb.gumgum.com
ads.rubiconproject.com
extra.globo.com
21 x.bidswitch.net 18 redirects am-match.taboola.com
extra.globo.com
21 pagead2.googlesyndication.com 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
www.googletagservices.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
pagead2.googlesyndication.com
extra.globo.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
21 match.adsrvr.org google-bidout-d.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
aax-eu.amazon-adsystem.com
cs.seedtag.com
visitor.omnitagjs.com
imprammp.taboola.com
googleads.g.doubleclick.net
am-match.taboola.com
extra.globo.com
rtb.gumgum.com
21 ib.adnxs.com 4 redirects s3.glbimg.com
ads.pubmatic.com
acdn.adnxs.com
20 tpc.googlesyndication.com 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
googleads.g.doubleclick.net
extra.globo.com
18 visitor.omnitagjs.com cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
s.spotim.market
eus.rubiconproject.com
ads.pubmatic.com
18 il-trc-events.taboola.com cdn.taboola.com
extra.globo.com
18 www.googletagmanager.com s3.glbimg.com
www.googletagmanager.com
extra.globo.com
16 v.lkqd.net ad.lkqd.net
14 simage2.pubmatic.com 3 redirects ads.pubmatic.com
extra.globo.com
14 ad.lkqd.net extra.globo.com
ad.lkqd.net
14 token.rubiconproject.com 4 redirects eus.rubiconproject.com
13 optimized-by.rubiconproject.com ad.lkqd.net
13 player.aniview.com vidstat.taboola.com
extra.globo.com
13 pr-bh.ybp.yahoo.com 9 redirects us-u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
13 ads.pubmatic.com securepubads.g.doubleclick.net
aax-eu.amazon-adsystem.com
ads.pubmatic.com
cs.seedtag.com
sync.richaudience.com
s.spotim.market
rtb.gumgum.com
extra.globo.com
12 cdn.stickyadstv.com ad.lkqd.net
cdn.stickyadstv.com
12 match.prod.bidr.io 12 redirects
12 cdn.taboola.com extra.globo.com
cdn.taboola.com
client
11 track1.aniview.com extra.globo.com
player.aniview.com
11 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
aax-eu.amazon-adsystem.com
extra.globo.com
10 crcdn01.adnxs-simple.com acdn.adnxs.com
crcdn01.adnxs-simple.com
10 s.update.indexww.com d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
s.update.indexww.com
10 secure.adnxs.com 9 redirects extra.globo.com
10 sync.richaudience.com 3 redirects cs.seedtag.com
sync.richaudience.com
us-u.openx.net
ads.pubmatic.com
10 image2.pubmatic.com 1 redirects ads.pubmatic.com
10 imageproxy.eu.criteo.net ads.eu.criteo.com
10 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
10 www.googletagservices.com securepubads.g.doubleclick.net
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
9 sync.aniview.com extra.globo.com
ads.pubmatic.com
8 sync.spotim.market 2 redirects s.spotim.market
extra.globo.com
ads.pubmatic.com
8 onetag-sys.com 1 redirects cs.seedtag.com
visitor.omnitagjs.com
aax-eu.amazon-adsystem.com
s.spotim.market
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
extra.globo.com
8 cms.quantserve.com 7 redirects 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
8 csm.eu.criteo.net ads.eu.criteo.com
8 us-u.openx.net 2 redirects google-bidout-d.openx.net
sync.richaudience.com
us-u.openx.net
7 vast.aniview.com s3.glbimg.com
7 sync.1rx.io 7 redirects
7 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
extra.globo.com
7 acdn.adnxs.com extra.globo.com
crcdn01.adnxs-simple.com
ads.rubiconproject.com
7 secure-assets.rubiconproject.com 7 redirects
7 api.permutive.com s3.glbimg.com
7 ap.lijit.com 2 redirects ads.pubmatic.com
cs.seedtag.com
visitor.omnitagjs.com
extra.globo.com
7 pixel.rubiconproject.com 5 redirects aax-eu.amazon-adsystem.com
7 sync-tm.everesttech.net 6 redirects ads.pubmatic.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 b1sync.zemanta.com 7 redirects
7 s2-extra.glbimg.com extra.globo.com
7 c.amazon-adsystem.com extra.globo.com
c.amazon-adsystem.com
client.aps.amazon-adsystem.com
6 assets.ad4m.at as.ad4m.at
6 adx.adform.net ad.lkqd.net
6 sync.outbrain.com 4 redirects rtb.gumgum.com
6 creativecdn.com 6 redirects
6 bh.contextweb.com 6 redirects
6 sync.srv.stackadapt.com 6 redirects
6 eb2.3lift.com 3 redirects aax-eu.amazon-adsystem.com
extra.globo.com
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
6 ssbsync.smartadserver.com 5 redirects visitor.omnitagjs.com
6 match.sharethrough.com aax-eu.amazon-adsystem.com
cs.seedtag.com
ssbsync.smartadserver.com
extra.globo.com
6 ssum-sec.casalemedia.com 3 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
6 csync.loopme.me 6 redirects
6 t.seedtag.com securepubads.g.doubleclick.net
t.seedtag.com
6 cdn.ampproject.org extra.globo.com
s3.glbimg.com
5 ad4m.at d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
ad4m.at
5 image8.pubmatic.com 5 redirects
5 ups.analytics.yahoo.com 4 redirects extra.globo.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 ad.turn.com 5 redirects
5 hbopenbid.pubmatic.com ads.pubmatic.com
s3.glbimg.com
5 www.google.com 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
tpc.googlesyndication.com
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
5 gum.criteo.com 1 redirects static.criteo.net
cdn.taboola.com
s3.glbimg.com
5 sb.scorecardresearch.com 2 redirects extra.globo.com
5 s.glbimg.com extra.globo.com
s.glbimg.com
4 creatives.seedtag.com extra.globo.com
4 amazon-tam-match.dotomi.com 4 redirects
4 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
4 simage4.pubmatic.com ads.pubmatic.com
4 ams3-ib.adnxs.com ads.pubmatic.com
s3.glbimg.com
extra.globo.com
cdn.adnxs.com
4 ad.360yield.com 4 redirects
4 um.simpli.fi 3 redirects ads.pubmatic.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 a.tribalfusion.com 3 redirects ads.pubmatic.com
4 id5-sync.com s3.glbimg.com
ssbsync.smartadserver.com
cdn.id5-sync.com
4 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 1f2e7.v.fwmrm.net 3 redirects
3 dt.adsafeprotected.com extra.globo.com
3 gov.aniview.com s3.glbimg.com
3 pixel-sync.sitescout.com 3 redirects
3 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
3 am-vid-events.taboola.com extra.globo.com
vidstat.taboola.com
3 t.pubmatic.com extra.globo.com
ads.pubmatic.com
3 rtb.openx.net 2 redirects us-u.openx.net
3 p.rfihub.com 1 redirects ad.lkqd.net
3 pool.admedo.com 3 redirects
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 event.clientgear.com 1 redirects ad.lkqd.net
3 rtb.nl3.eu.criteo.com 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
extra.globo.com
3 pixel-eu.rubiconproject.com 3 redirects
3 d5p.de17a.com 3 redirects
3 pixel.adsafeprotected.com ads.pubmatic.com
static.adsafeprotected.com
3 cdnjs.cloudflare.com ads.eu.criteo.com
3 cat.fr3.eu.criteo.com ads.eu.criteo.com
3 rtb.adentifi.com 2 redirects ssum-sec.casalemedia.com
3 ads.eu.criteo.com 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
3 s.ad.smaato.net 3 redirects
3 prebid-a.rubiconproject.com ads.rubiconproject.com
s3.glbimg.com
3 sdk.mrf.io extra.globo.com
sdk.mrf.io
3 fastlane.rubiconproject.com s3.glbimg.com
ads.pubmatic.com
3 tags.crwdcntrl.net securepubads.g.doubleclick.net
extra.globo.com
3 cdn.id5-sync.com securepubads.g.doubleclick.net
extra.globo.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
client.aps.amazon-adsystem.com
3 config.aps.amazon-adsystem.com c.amazon-adsystem.com
s3.amazonaws.com
2 ssp.disqus.com 2 redirects
2 prebid.a-mo.net 2 redirects
2 www.awin1.com 1 redirects as.ad4m.at
2 4cywq-eqnre.ads.tremorhub.com 1 redirects extra.globo.com
2 as.ad4m.at ad4m.at
as.ad4m.at
2 config.seedtag.com static.adsafeprotected.com
2 pixel-eu.onaudience.com 2 redirects
2 static.adsafeprotected.com extra.globo.com
2 wf.taboola.com s3.glbimg.com
2 casale-match.dotomi.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 sync.bumlam.com 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 ads.playground.xyz 2 redirects
2 cs.admanmedia.com 2 redirects
2 tg.socdm.com 2 redirects
2 pixel.tapad.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
2 sync.ipredictive.com 2 redirects
2 dsp.nrich.ai 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 am-match.taboola.com vidstat.taboola.com
2 googleads.g.doubleclick.net d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
2 id.hadron.ad.gt cdn.hadronid.net
2 fonts.googleapis.com cdn.taboola.com
client
2 r.scoota.co 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 nxd.adhaven.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 cdn.hadronid.net extra.globo.com
2 secure.cdn.fastclick.net extra.globo.com
2 d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 t.adx.opera.com 2 redirects
2 u.openx.net 1 redirects extra.globo.com
2 sync.smartadserver.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
s3.glbimg.com
2 cs.krushmedia.com 2 redirects
2 www.youtube.com sdk.mrf.io
www.youtube.com
2 trc.taboola.com s3.glbimg.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 dis.criteo.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 sync.teads.tv 1 redirects extra.globo.com
2 htlb.casalemedia.com ads.pubmatic.com
2 prebid.media.net ads.pubmatic.com
2 ads.resetsrv.com ads.pubmatic.com
2 a.vidoomy.com extra.globo.com
2 usergate.globo.com s3.glbimg.com
2 horizon-track.globo.com s3.glbimg.com
2 client.aps.amazon-adsystem.com s3.amazonaws.com
2 eu-u.openx.net 1 redirects google-bidout-d.openx.net
2 events.newsroom.bi s3.glbimg.com
sdk.mrf.io
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 s3.amazonaws.com securepubads.g.doubleclick.net
2 globo-mab.globo.com s3.glbimg.com
2 cocoon.globo.com s3.glbimg.com
2 oajs.openx.net 1 redirects extra.globo.com
2 cdn.jsdelivr.net ads.rubiconproject.com
securepubads.g.doubleclick.net
2 ads.rubiconproject.com s3.glbimg.com
ads.rubiconproject.com
1 grid.bidswitch.net s3.glbimg.com
1 am-wf.taboola.com s3.glbimg.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 ce.lijit.com extra.globo.com
1 sync.technoratimedia.com 1 redirects
1 video.seedtag.com extra.globo.com
1 min.tryiqos.ch as.ad4m.at
1 www.conrad.ch as.ad4m.at
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 unified.adsafeprotected.com s3.glbimg.com
1 js-sec.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 vidanalytics.taboola.com cdn.taboola.com
1 vidstatb.taboola.com extra.globo.com
1 match.adsby.bidtheatre.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 idsync.rlcdn.com extra.globo.com
1 media.sabio.us 1 redirects
1 imasdk.googleapis.com s3.glbimg.com
1 cm.adsafety.net 1 redirects
1 ads.smartstream.tv 1 redirects
1 a.ad.gt cdn.hadronid.net
1 a4548.casalemedia.com d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
1 imprammp.taboola.com vidstat.taboola.com
1 cdn.adnxs.com ads.pubmatic.com
1 pixel.quantserve.com extra.globo.com
1 odr.mookie1.com sync.richaudience.com
1 s.spotim.market visitor.omnitagjs.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 id.rlcdn.com visitor.omnitagjs.com
1 bttrack.com visitor.omnitagjs.com
1 jadserve.postrelease.com visitor.omnitagjs.com
1 inv-nets.admixer.net 1 redirects
1 sync.adotmob.com 1 redirects
1 image4.pubmatic.com visitor.omnitagjs.com
1 csync.smilewanted.com 1 redirects
1 api-2-0.spot.im visitor.omnitagjs.com
1 region1.google-analytics.com www.googletagmanager.com
1 0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 cm.adform.net 1 redirects
1 pixel.advertising.com 1 redirects
1 ssc-cms.33across.com cs.seedtag.com
1 stats.g.doubleclick.net s3.glbimg.com
1 cs.seedtag.com t.seedtag.com
1 tags.t.tailtarget.com t.seedtag.com
1 secure.quantserve.com t.seedtag.com
1 cdn.permutive.com s3.glbimg.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co s3.glbimg.com
1 px.ads.linkedin.com aax-eu.amazon-adsystem.com
1 dmp.adform.net 1 redirects
1 ads.travelaudience.com 1 redirects
1 cc.adingo.jp 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
1 ums.acuityplatform.com 1 redirects
1 s.tribalfusion.com 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app s3.glbimg.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 dmp.brand-display.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 ivccf.ivcbrasil.org.br extra.globo.com
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 mug.criteo.com extra.globo.com
1 gadasource.storage.googleapis.com extra.globo.com
1 bcp.crwdcntrl.net s3.glbimg.com
1 esp.rtbhouse.com s3.glbimg.com
1 horizon-schemas.globo.com s3.glbimg.com
1 prg.smartadserver.com s3.glbimg.com
1 bidder.criteo.com s3.glbimg.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 horizon.globo.com extra.globo.com
1 globo-ab.globo.com p.glbimg.com
1 p.glbimg.com extra.globo.com
1 barra.globo.com extra.globo.com
1 extra.globo.com
1 cutt.ly 1 redirects
0 sync-dmp.aura-dsp.com Failed d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
0 gu.dyntrk.com Failed extra.globo.com
0 sync.tidaltv.com Failed extra.globo.com
0 aps.zqtk.net Failed extra.globo.com
0 sync.search.spotxchange.com Failed cs.seedtag.com
0 id.qa.globoi.com Failed s3.glbimg.com
1051 274
Subject Issuer Validity Valid
extra.globo.com
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
s3.glbimg.com
RapidSSL TLS RSA CA G1		 2023-05-02 -
2024-05-02		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
barra.globo.com
RapidSSL TLS RSA CA G1		 2023-05-15 -
2024-05-15		 a year crt.sh
*.glbimg.com
RapidSSL TLS RSA CA G1		 2023-05-11 -
2024-05-10		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
globo-ab.globo.com
R3		 2023-08-09 -
2023-11-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
horizon.globo.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-10-22 -
2023-10-23		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-08-26 -
2023-11-24		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
horizon-schemas.globo.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-03-15		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-09-10 -
2023-12-09		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
cocoon.globo.com
RapidSSL TLS RSA CA G1		 2023-09-07 -
2024-09-07		 a year crt.sh
globo-mab.globo.com
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-07-10 -
2024-06-21		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.ivcbrasil.org.br
Amazon RSA 2048 M02		 2023-05-01 -
2024-05-29		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-29		 3 months crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-19 -
2024-02-17		 a year crt.sh
horizon-track.globo.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-10-23 -
2023-10-24		 a year crt.sh
usergate.globo.com
RapidSSL TLS RSA CA G1		 2023-04-24 -
2024-04-23		 a year crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-09-07 -
2023-12-06		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
ad.lkqd.net
R3		 2023-07-27 -
2023-10-25		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
resetsrv.com
E1		 2023-09-13 -
2023-12-12		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2023-09-13 -
2024-10-12		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.lkqd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-07-20		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
api.permutive.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-16 -
2024-02-16		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-27 -
2024-04-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
update.indexww.com
R3		 2023-08-17 -
2023-11-15		 3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M03		 2023-09-17 -
2024-10-14		 a year crt.sh
*.aniview.com
GeoTrust TLS RSA CA G1		 2023-07-15 -
2024-08-14		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
min.tryiqos.ch
R3		 2023-08-24 -
2023-11-22		 3 months crt.sh
cdn.stickyadstv.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh

This page contains 203 frames:

Primary Page: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Frame ID: 40FC19C3E6376AC0BD3666D404B1767E
Requests: 265 HTTP requests in this frame

Frame: https://id.qa.globoi.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=extra-comentarios%40globoid-connect&redirect_uri=https%3A%2F%2Fextra.qa.globoi.com%2Flogin-callback.ghtml&state=51643c06-6f0f-45eb-9b0d-18430b471853&response_mode=fragment&response_type=code&scope=openid&nonce=6be8fd61-2b78-4afb-a96c-131ad94f24f5&prompt=none&code_challenge=QdCxM1WZVHSMm0_6iAaJ2OFi6ShsfBtmEYvvBUBjUxI&code_challenge_method=S256
Frame ID: B35BCFF593527FCE8D37C8EC4586E6E0
Requests: 1 HTTP requests in this frame

Frame: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 754D49BC4B1A4FC6DEF8589D59F4CA47
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
Frame ID: 47B943DC9A98236EC4C073521FB07417
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Frame ID: 00C95E65AE9E0C71FC18A893476DB781
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=extra.globo.com
Frame ID: 81985249E79907C1AE7DBE9BDA9654D9
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Frame ID: 3A59BA443FBF0A5961E7A7349B6CF985
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Frame ID: 8040BB2820939250BCA31F70193ECFD8
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Frame ID: E3DC4727DF74155FEBA1D114C3995DFC
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PFFQ4H9&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Frame ID: 391BC3064B611747DED7A53BA8018673
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu8T_MvyX5VqtA8lCatuEWDdk_uf0V5CgZahF-Ug550HI_w2e6GsXVfWFn1nholG61d2yejVKPz_uvoGEj0QAnnxZ56QcFOope_Al-Fajn1XKMre4gv3ARrTepSbGnPzy4OXCoBgSReG7n4DztUd2p-BzvNfKyNl4wlQUZgHS3oGqYn5U_kV39QIzHmOREp-Wf6fwAcYCgn1g9w4JKEXDcGKrPeyD5aRqyopv3M4izXP6IW1KP1aYrhEyGhFnXaQFBWWuL0CKU_JGzxhZbYkABL_tVwO_fJv__ALELj7fVwQLpjU4swrpHWXFqQ6xtTBZUH0te8ywcAIOV7YOu61HN-mLa1lXmzHyp&sai=AMfl-YRgher3K_py4KzJdAtiwkMuir50QbwOCbp58xN9NEIP38nLtvEifjP0-9HBQkGI7c2GFtABceQ1dU7htXrxyvQjVxV9vW91cmGa8NHZ8nI9o5nD1L1jQZAxGrHQ-HLlFyApyVVSvBayVYxSPCY&sig=Cg0ArKJSzMrmwhD4VhOdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 139E53FB237AE8BCF3BE4C610D4F34FA
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG2FYHiWKAQCBH-CPHwp3oYS7CT4THZwWFukgcvdwDgxHeF4PPo00SUNKeiPfvTJ8qyOSoXwNIZ3EU1j3xn0bnxh5jdXXbPsjnEtPHimuO9LVrtjdenDeT6xwS20VRaRKqoEhoR2z5saIXzOLo6CKI4km2G6ZLBQzNuuuCI_nvOQuKMAItV5Pluv4z8Vvi52cGz2Bf7YmKFMYZ3rX8H-qCNwfHtfhEjgx4fxl0mqh8fz68OXQaI5KQ2EUcXPDxWam0NA2dU9YpZaeeNvtlTKZBJe5TZL5HgzsVf0zs3IhCpSsuYYwBXtKfcj84kI5U4nVqjTKOGFxhhURYE_X7nWN_XpVcm5IaoVzg&sai=AMfl-YTMPBVAktEm1-XwInhnK4ABJOHFdmhr8zDLMRcuBJkQhMAp-86axHFX-d79RsWF4xR4Ep5iKKEQlP4iKj2Ay-FA1nhCfNJXC_6BPHCY8YKJ9TzgBIoF39NDp7VTrTy5wd57E-YxTJVjzOENU4sW&sig=Cg0ArKJSzFsaDrb1and3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8867DC9951F6C66E499467C71E00977A
Requests: 35 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: FCC6D630A463DE1210C93072C84B99E2
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmINGqQijdq5jbTcRPN7W-oVsCN91_43h5NLxXGZJFiazvh3_q25-RFj9CJuU9NtaIfg0qFIl0LpLmQHW4roolXkCZy2vHq4DngslZL6Nv6JvU6MsYKW200cWHndzvkboIqV3CE1DetxkSPX-5cTRlVQRqciYePrlG6ygRY7Y0EW7Ou4a6K9_myVrpM5YCudot8RVKqIr2oy2a-zPgYazHZVgi3CWwFgbsKgFgfzr_MMFribTbd2z1I6LrzQLt71s1ZjK-4IY5qqEfWSKuQl4n1-53p9W09pg7Hs7r5dRyNr7fdy62pj8nhtRoY4WET41n0dBC7QRkpgfAn9e9MVBanh5kplLI&sai=AMfl-YQ5p_MJb6dEB3Xetqw1fQb0ZWfnPXPaH7BIJDT77qxARsYqlHz2bOmjvNaxZTNxYzdGr2B6vWhAy9b3ZeiZKZT5TsgKj2ql6JDNTSwB6nOHZQYDRZK8k6kqK-9Ofw&sig=Cg0ArKJSzEaqokbMaLKHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2A1D8DE2588AE67A59F0A99EF4502678
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7-FwZvKPFaQcYDvtSjmXdOJdPvqzPwemgbRVXDdiRUgktgtoXFL2fdmUiUF7LnapNn3TH5G0sJXxsSjKyqSxpxo1dp6AeAEnFfiybcnqJMv2EMiGP_xtcGLtO-fTTKTpKH2gCudicpViNMHYUbcde83r8LVAh5rBWw2WiduHHaZnmLIdqLSaV12QW231Gnc5o76Hj8roNGxTYLFDNOBSh_OVGsr557nMK3FoN4vYRTYk_46ROQfYIM7sjR5Ws1vR9QjRj1kujjNi99vKMcbWqBxwhX-s3ELTP5iOzr0CMfRBF5VbBRG5UQ7qri5fkbHpWCIeNLYfE7NRnFnNifTTMilGsXwB298zGqm0_EJzNQZklN9Q&sai=AMfl-YRVUXvT99y58OYPCvD0J2QE2P8CF3mMOCkX008N8OCUSfF0hVwXwELuu52fxfzBOKK1ZG89GYaFuVwBOMevEC_HtFphEul1gPGg1wlo-hlTM9SsSZYlMrtDQRlzD5C_wg&sig=Cg0ArKJSzHwaAg7Sv_lOEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 69057A54D74D88F7ED515BD135EAA4F7
Requests: 35 HTTP requests in this frame

Frame: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4784FCEC6D465EED40B5D897735F1FAE
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9C2E9AD2B1DD9F4C0581AEB77AA81373
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 4DE2A55AE4D95117F55F799F0012DBE3
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 3325B5D35DD34A2BE03DBE4AA3598812
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 442DC3A9E12F11F7E67FC738F226F164
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 88F19C2A9B9902357C9E923010D376CA
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=906539967438444046&gdpr=0&gdpr_consent=
Frame ID: 12FE13DEDAD7482BA37297BC8AAFE1BF
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Frame ID: 1A3259813FBBD714F69D01AC0518C395
Requests: 15 HTTP requests in this frame

Frame: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7BDB6EE5291B5D3256CB0116B8035F84
Requests: 9 HTTP requests in this frame

Frame: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B0F81172A61DA0FB5849A36872ACA75
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Frame ID: 2155E6BAE3934D8D96C2685BA38A23F7
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 488DCA477A9C5C6E46F5A93A86CB56B0
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Frame ID: 7CC898D246A16559D9434F30836F0580
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 818127C91AA912A0A1776BF29DD2DE92
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B7AB0F458F5418254569A27BF332D65F
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: CA68E110D1632D5FF05698E60D06A086
Requests: 2 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: CFC16E4667B18392A22F86816590B2A1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDB499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: 97EE07FC3E1D0978E213B4225DA199D6
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 8A43D1A667FAC7B6A58B38A93D3D953B
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B2543361921D04C34FE88FD03B99373E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 970175504109A7B4F475318175710B73
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E1B8E9E6A8435CDDC48163CB2E643EF3
Requests: 22 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: CB755296E0E53FF5FB81A05388BAFA2A
Requests: 3 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Frame ID: F1307532C7F8AD4EA886BE0585382F36
Requests: 19 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9A80D2F3083C4A7670670584C35FDDE2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: 2F8292188635898CC5310C36C4B34949
Requests: 4 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 42813F9ABF40128FFF62C22095A0D5C3
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: 232DED3F5103B35700C38B365B187396
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: D2302DC87A2DB9B8FF7EDDC45CDA6CE7
Requests: 4 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Frame ID: 58381EE62E05CB6D432BE24F13D6F1E1
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Frame ID: 9DAA05FAAB744D2CD17E54EB86E76C55
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: F1FAB454E4B8B86BE0FBFA5B0CDFF5B8
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 226EA60852D0F73DFD25C7167156BA4D
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=lIBltm0HGXpD&ev=1&us_privacy=&pid=562983
Frame ID: AE68445A419CB933D8EEF0BDFA205C1C
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 25CF673817FC340E9132FC8C5A6CE6F8
Requests: 6 HTTP requests in this frame

Frame: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E4A4B6219CC4975241109A7C6687A163
Requests: 1 HTTP requests in this frame

Frame: https://0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4B0D78908E2C0AE83480F87647FE2D72
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Frame ID: 0A0E4B7E102B0A5327171C9D29A278D6
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Frame ID: BB45010C936EFD26BE08F5E52265E25D
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: FC3730932EAD48DB170E79B623A913C5
Requests: 3 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: 8ECEE174F1FFA8ABA678D0BEF4A9B8A8
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: E0F0229DC49F1D46EAFF3357DA0750F6
Requests: 4 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Frame ID: 47FC307820CB3F223D9EC41AA59B922B
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Frame ID: B5EE224D0BA000233E1F6287FF01729E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 279EDF347171703E1B9A231F02DE0889
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 383A1A66A28FB7703D11E5D5D06CF76A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: C74BC2062CAEB2C44ADE9336E130E07E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 7B40640D412534EBA043EB41AB757F06
Requests: 6 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 03E4D93920E3E9DAA17B41E88254C656
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 6D7A1415ED755C18846323134EFD823B
Requests: 2 HTTP requests in this frame

Frame: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2B67ABA0DC22F9BCD3F4566274330DD6
Requests: 33 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstILg32aqIUDfrG1dps7bVrPSqDQugISM5IKqVBK3lQSUtVfJIDk3XIrklM9VirYFmSL4k1Dvqve8Cv1rNXTyy6U5vuSqOtt9NVouQnIWz_nYVNXZueNinUUZc-ygCuLRlsjDkPLovr1sU2dPIIwdhlpWNyx_jjTXfBm7TgAlv4BKgVjBkiwJK-UkVFNcZbTsF2xN1a-G0bw8wj-DndCakuJqNLT_NIrFjPAHCZMILHRgqDDvZxc1b2RG5Y_Qljj7eHGAg2b8RDsxsJ4b815kLRSLl70brRKL-oL1AY0kSC0H2_qq9vWoScR3C7jWV6zKYx4o0_cDxtja4McA1a5BIiEkvXW_lHC9Ga3w&sai=AMfl-YQp513ejeytB_xP3tFoh7BDW7TTSoXg1V4Ls-NP8aImjzSdb_vxDRTPTNBUIrnJ5SieRLLMt-emrKsUHwmkoMi6DQrLNlHEB7bkneyFxnPUkFqKdex-tpzNZ5RKpAw&sig=Cg0ArKJSzDc1FDEYk2BxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B062BD7B20FB4639BB302416097C467E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1AA75A7109B65749ACAE5ADA3A9EE33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 54B3A564DCC8266328650E4E0E3398B0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8C482C20123C0A0D3D65FB06B35A06A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C12013D9A1A614A1821C0DFA9D0CF0C8
Requests: 2 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=undefined&cb=1695261485694&uv=3341&tms=1695261485694&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vD!ul3342_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=424acf55-9663-46d1-913d-ae6a047c0de6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6E66FF079BFFC639568EACB46637B9C3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWkdIt1z2q06Qbe8bxW3JRuxJSnlRxGS-8zc26oCqqrVafGZxV4uSeCCdzFRXwP99HwiEW-D_qgKYHLcewlBcrHTxWMhA
Frame ID: 49F10444B8CB4EBD2349DC580078A822
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 8A8D5E03F5CCB6079EC8EFD87353C83B
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: DDF433A30598B43764FC10F836CF5906
Requests: 14 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 169606F1ECF4B90801100FDED14CEBA6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIki6A7a9z0wMNjJLUAAAAAAA&expiration=1695347885&is_secure=true
Frame ID: BAB57ECE029A65E6477372DB1E6D85A8
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
Frame ID: B9A2678CCE3632E666F9B1581591C8B5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: E78F7173BA0B6CFC61B1DAF3CE1DF878
Requests: 14 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 681706D2B88DDFC0835E95E9AC44127D
Requests: 1 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Frame ID: 5FD4484D77131D2456296E214D60B8EE
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Frame ID: 1C9AAB316B0622B48CA503990078EA77
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: ECFA9E34969AB31562D7CEB634326664
Requests: 10 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=3924388147102839183918
Frame ID: 7696D44497DAAE5FCD776A5F79A08E09
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 96DDA6E31DDF55F50A390593B7055A75
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 111AB7E0FA3E523FF88078AAC6C8BED3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAH9u2Vzacs-gNpQnLkAAAAAAA&expiration=1695347885&is_secure=true
Frame ID: 9F0A86CCFAC1A423597F51D4927E8C4C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
Frame ID: 6020EDA48A7ABAAF0747E60EC1CF1116
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: C860D47B525347241B234583A4287CDE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8584DEA90FC560435D70A3DF11008556
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: EE164E73D862D1457F63BD5FCDA8E2EE
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Frame ID: 162B99C889DC172F4ADBAAEB7B95D844
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
Frame ID: 4EAC37B84403C315FA060658CAF9E140
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lNTEwMmM4YS1kYjEzLTRkMWYtOTZjMC0wZjg5MmFkZDBkYzA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4015CE53378EB5D8C62184B25355A8CD
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 7BB86E27964E93652581BC09D5AE194D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 2D1F693495499C84D69693E50DE49AA6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XYAAEBQkEoAAAAA
Frame ID: 2D2D8CE2235B3B7DEA29D2440381401D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=8853a951-6dbd-484a-99d0-982ac1e58488
Frame ID: B4113B8227E68487B30C72544D65A28F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
Frame ID: 3E1EB693BBC49B329FE43B52815CF616
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C5DC33212AE020AD4B4C12C32BBAF933
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Frame ID: 0D4543F31B81209EB294521A65A23086
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
Frame ID: 6277E185ACE09231D21683CBA9CD8E44
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hMzI2Mzg5OS0yZmEyLTQ5YWEtYTViZi03MTQ5Njk4MTRmZWM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: CE2F60281FAE1826B36386B751EE8925
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: D172CD352BBFC9F37C47C9ED65DA9ACA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 9F5DEA7F9826C8E9F8A6963C2184A35D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XkAAGUZh3AAAAAA
Frame ID: C2383EEAA1472786E2DCD4ACED41EC11
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=e52f791e-e6c7-4c00-a345-1c6e3772b0cd
Frame ID: 22550D3E08CB5299A8634381AD31FDB1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
Frame ID: 830FB278AB0DA58C877379D3B1040064
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CA1093ED2826220978120A30F507356E
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Frame ID: A208F72B6A5915104E801381ADE9B6AF
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B499B7AD-7917-48EE-AC2C-59DD92D48E33&redir=true&gdpr=0&gdpr_consent=
Frame ID: E76D69C3355073DDC7DB8C4750ECCA29
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
Frame ID: 78961482243C01B89CA0E79918EA5A2D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
Frame ID: E76C212E7EA43C53A54832FFDDC7EF5E
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Frame ID: 98DDB0F0F0F5EA1CF6A25727044D1016
Requests: 1 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Frame ID: DDC5E6011F6AB416F68BA3D83BC26835
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 2BD86E75DFA9293ACFA8319F509585F8
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: 4F22CFCF495E7F636A863E243A9E6BEB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D6C586C9B83D2299B5FF83E639E616F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3505454D159B038A8C95479EBBFA6D2B
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 6A0028D9FAF399739DBA191D315B47AD
Requests: 4 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGosE7KF0YAABnKmyoZjw&gdpr=0&gdpr_consent=
Frame ID: ADAD7E923D739FD5FA1F0A485323FA59
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 7A96B6B3428A86A5DF1EFA058B7BF425
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: AF14D8FEA004A515E208B989F4C7FC94
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd1964431d80457ca9ca37e876c7cc5e
Frame ID: 16BE3EEFF9FCB9B7F3DC6794A9FB6693
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDB499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: 70BBD4B54B1B6AB32E28EB11403EFA28
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Frame ID: 84026FEB2412B2B282E73D653C0B2698
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F6B03CE8D02B3F44FBF7D3C8906FA2C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 02C01B0E4B52B99D32A30874C197498E
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/ias/v1/vpaid.2023.05.19-19.29-6622210.js
Frame ID: D32BB371FD39468580F8BB75486DD8DC
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B32B44E704F179F979D5DA18C5DBF66F
Requests: 1 HTTP requests in this frame

Frame: blob://https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/4b838e1f-a452-4508-989b-e798c5232c66
Frame ID: 2E531D29F62BCA6E1BF340239DF5233A
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 23A9835320B5D87A9495A9FCAF21AF4D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2847261290142645612
Frame ID: D69CC524A7C7860837E54D48748D2280
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210827160926938
Frame ID: 3A972CC5602CB77A07BC3E1C30E012CB
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: FB2D21730758FB9B3CCD1624484680B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Frame ID: E63A910E5A03D2A94FB6659DAA0EAC9C
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4AB1E14F52420BE2C469015E7F03C1B7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9d5vj50j2vr6
Frame ID: 608950CE3BB58DFD4BE2602FA8561162
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjSbWUhTaMYhaSSMS&gdpr=0&gdpr_consent=
Frame ID: 2A2BAF9D3342A911053583A91989822D
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: CE90DC55805DF804EA318FB61CA95A79
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EFA5667346448F8AB63B285A5ABB642&gdpr=0&gdpr_consent=
Frame ID: E1BBB4DFEA7D69C3EF56ECD34617953D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7796042916
Frame ID: 6797713C11B756BD3C16C738DE0320F8
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: ED020ED86AC980DD228D7F4FFF1B45AF
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 1FBDC32754E68A8B76C153733F4FE601
Requests: 3 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 09BEE489738F835827922A424498BAB4
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 41773837F3808D439B4889887B43EB15
Requests: 2 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: A99D14811D227534DD4ADCC580585C40
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: F97A76CAC0295118A4D96D2F7046B02B
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 6F153B4A75A09B7406F81C5767B4F151
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 92DE9B4CD9A5C568B46E021FBAD520FF
Requests: 2 HTTP requests in this frame

Frame: https://config.seedtag.com/libs/@seedtag-ads/creatives@4.30.47.js
Frame ID: A75463C6D05C58FB3F61933E5921FE48
Requests: 3 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 6618368CEC50825525107BEAF3432047
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 8D8F4C31D2D87001DB5A962616723AA5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Frame ID: 9E5D2A98149EF95C7BE005959BF4849C
Requests: 11 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 0BD1157A464BD84AB7EAB2471EE8AF39
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D1%26key%3D
Frame ID: DB76C5533225430ECF1911E8632E2438
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Frame ID: 14A849D229B42ECE786A1001FA517C72
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=3&key=GDPR
Frame ID: CE6C5B2D3EABA1D75BCA85DC17ED01B4
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=200&key=OPTOUT
Frame ID: 61713D97780DC4843AC710822183F825
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D18%26key%3D%24UID
Frame ID: F70E781EA993BAA74350A4BF76938C1B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: E614789BF2D8D13CF2D0772E1C475973
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 051F3F9942183F0C69A8A60E74991F2E
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=10&pid=59c9148628a0612da3689288&key=lIBltm0HGXpD&ev=1&us_privacy=1---&pid=562704
Frame ID: 5AE9093933766698F7FFD0E44CA16B8F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Frame ID: AA0FF127FA0831AAD0B1957AE96FD6E2
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1aa012a2bef51c412593f7f964e35b&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 6D52B25B6865508ABA3466F770D5199D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=1&gdpr_consent=
Frame ID: CDEB5E45EEED9E3CA15674CF14327412
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=279534&3pid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3LTk0ODI4MzYxMzI1OS0wMDEyNDQtMDA0LTAwMDgxOSZiaWRkZXJuYW1lPTUyJmtleT11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYMOAI=
Frame ID: 7139750FC1EA17BE4706205E30FD554F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=55&key=7078119663561859382
Frame ID: 72341542FB877B2F724EDC30C9DA58B3
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D41%26pid%3D59c9148628a0612da3689288%26key%3D%24UID
Frame ID: 82726501BE4278E2AE68F7239B504638
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-915231903259-001236-006-006080%26biddername%3D23%26key%3D
Frame ID: 5BA7FF5B4C61F38DEA47894B0755C430
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: 9494AA822E4DE2BA6906D1DB73AD26BB
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=1&key=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: D2660FBFD4BF9D54754761B5CF7CA760
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=1&key=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: 398BEDF6C0BECB154836EBC22BEDDA60
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 56F42B3695E970B0E587AA8C09A4C9EA
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: ED3D9A1CA89B651C5BE27470CFC921CA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: F6E7D8029548160A0443B04004170A22
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: EC84456D96B0080440515D888C098A06
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3AEBF8E701EAF806120C15B429BF6EB1
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: D81BD5AD22D5A571794DFF0496C012CC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: B8C4FEB143C1AC2DCB261874BCB328C5
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: ADC06255A15F1F5E7C59DCC46790F540
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 9D4CED0561458C47DA548B09FB42F3E5
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B097EF61E5C355BB3A8732FB3A29F3D2
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Frame ID: E5DAA6C665641089BA9A351690FD0B77
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1EA8C59B8EEF6592445210A8D65CCBAE
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6EBCABB7B00816AA7A5713117EE071E7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 8112EDCB2A901B1D6137671EA2B8FE0F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: CCC61C298459EADBAB2154E5C39D4FC9
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4783F7ACA6ADD28553E8F8DEBD5935F0
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2A12829EAFC3ADFDDC552D3DF6603E59
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A6D885CDCAC717744159FCD294DC802F
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: A9CB8C924365F38E12F50A290CC2D6DC
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 857E2568D9FA34A81E695682202AA861
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Frame ID: C7EC1F4BB845FD2B1529FD0BAE16B4E3
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 380B47E1A05DB2356FF7AE0DF5CE48DE
Requests: 5 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F3CEFEC23760B11F4DB965EE56F1C9A5
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: C523C56BEB7145947893159A294961EF
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C1A42752BBBC5BBC6247A4548DE00316
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Frame ID: 063197DFE6E8997DFDC381F3594752F7
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2723326CDD1FA660E1551B0C8744D7DE
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 4DC57999DA510C05EB85D8A2E7A73D37
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 7E2ED1CB248B888CD0380A4A881D3CF2
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3C9A92B48C91291AEE55C09534561393
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ESPN vai criar marca de apostas esportivas em acordo com rede de cassinos no valor de US$ 2 bilhões | Economia | extraGroup 3Group 3Group 3Group 3

Page URL History Show full URLs

  1. https://cutt.ly/pwcQonAV HTTP 301
    https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acord... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1051
Requests

80 %
HTTPS

24 %
IPv6

151
Domains

274
Subdomains

171
IPs

19
Countries

10070 kB
Transfer

33884 kB
Size

281
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.ly/pwcQonAV HTTP 301
    https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 43
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1695261480853&ns_c=UTF-8&c8=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&c7=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&c9= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1695261480853&ns_c=UTF-8&c8=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&c7=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&c9=
Request Chain 70
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
Request Chain 80
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&rid=esp&cc=1
Request Chain 109
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=extra.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LDOjUHxFMUZESjNMVTg3SWhYeVNGQWwvcnZvQmJxTmdsVUFKZUJwRFExakRlSisySzR6N01vSkc4ZTEvVFA2YlJ2dWNneVVycVJDOFRYR294WDRyZ0VEOFZTYzE1Y3FTcGJrUFdnRm11UVJlS3hrSm9lazMvSi9hc1VqeUMyRDhudVRtMkJoblJKbm4yRVBaUVhCVmRGT0Q1RjJYY0d0eEV0UTYwak8zbFU3dHQvNCs2VjgyNGYyY0oybW5LeFZvaGxDSnZXZFRSZzBVQmtlRVlJb3ZpTmN5L2wrMUN1MksrVUpaWWlJOWk0UUp0K0NnOCtuVDhyaDArY1JqMVV3TFU5UWtsL3lCVS9VK210WVc0eHFTZW9qR2E4dz09fA&cppv=2
Request Chain 133
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=20e766a60e
Request Chain 134
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=40865a8c-397a-4ab6-86b1-61a24f3778ff
Request Chain 135
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Request Chain 140
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 144
  • https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=906539967438444046&gdpr=0&gdpr_consent=
Request Chain 160
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945593063401236011
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHb6k7hRfA2mhFT6CvslNyQ&google_cver=1
Request Chain 182
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQujKutf4JN9V-XEBbC8xQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYz-aknfOYRA_pkeX-Fi5U&google_cver=1
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_cver=1
Request Chain 187
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b590bebf-a1ea-6c2c-0015c7ad
Request Chain 188
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Request Chain 189
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQujKwAR9Vc2rQAb HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQujKwAR9Vc2rQAb&_test=ZQujKwAR9Vc2rQAb
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=469943902.27859651346241271.82109344 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=469943902.27859651346241271.82109344 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-q.4OjzBE2pm7koZu78ovuj7RhiMm7dZlG1hm3Q--~A&expires=5&ssp=vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=288a0a7b-baec-457a-b3a8-f6f3afd79784
Request Chain 234
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LMSIWYU5-1Y-417D
Request Chain 257
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENbHhYfV1S0FZERjYV5NaXo&google_cver=1&google_push=AXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENbHhYfV1S0FZERjYV5NaXo&google_cver=1&google_push=AXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 258
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEN593d5qBmvoNPP4aCW2lPw&google_cver=1&google_push=AXcoOmQx_RJbAqWZj9hjPju7cJnnhmfELW8RryC-bgEllCUWnSa7PSyl_U1ZNak1MiludkX0HjlJYG5eDBBe3ksY9aREOYqnuXiwIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlF1akt3QVI5VmMyclFBYg==&google_gid=CAESEN593d5qBmvoNPP4aCW2lPw&google_cver=1&google_push=AXcoOmQx_RJbAqWZj9hjPju7cJnnhmfELW8RryC-bgEllCUWnSa7PSyl_U1ZNak1MiludkX0HjlJYG5eDBBe3ksY9aREOYqnuXiwIg
Request Chain 259
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJmajg5An6o7m7T0LbFzMvI&google_cver=1&google_push=AXcoOmSVppdlZOM2u6F91aN75DZ2M3zuWtz_I0ueSbCKBLe1wODFivO3D7VPHhJtWlNp2tIfc1NghjhuSRtBvZ7wxMUvLCGdvL2wPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=830157082853
Request Chain 260
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_cver=1&google_push=AXcoOmRgCk8qpp9cL0bqLMC-FV7jYbKyzNfYfhIRf1wRr8Xu6GS7lrXe1PkX-e1CJEUs3mtZyRqa7kPsEos_tN2xZnmrra9AC-ITBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_hm=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&google_nid=index&google_push=AXcoOmRgCk8qpp9cL0bqLMC-FV7jYbKyzNfYfhIRf1wRr8Xu6GS7lrXe1PkX-e1CJEUs3mtZyRqa7kPsEos_tN2xZnmrra9AC-ITBQ
Request Chain 261
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDx9Fz0TpX1YsU8OkPbEKSM&google_cver=1&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aOzvpVxTu82SoCw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDx9Fz0TpX1YsU8OkPbEKSM&google_cver=1&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aOzvpVxTu82SoCw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aOzvpVxTu82SoCw&google_hm=HWxWpGZH8JLneMwdQJ2j3lGK
Request Chain 263
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFZHrgrAbSQKZcOa8EraR_E&google_cver=1&google_push=AXcoOmTlfSI63k6xP7qI5W6AgLMsE9vsJ30PKNKOPh-ZoLrfPKJY5w4Vu3Vs2slP4Lq7b6cUEV2zGghBbAaZmOhMj33Lejgl2_z-4g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGI5YTFmOTctM2E4OS00ZDFhLWE5MTktYTJjMTNjMGY1NWNl&google_push=AXcoOmTlfSI63k6xP7qI5W6AgLMsE9vsJ30PKNKOPh-ZoLrfPKJY5w4Vu3Vs2slP4Lq7b6cUEV2zGghBbAaZmOhMj33Lejgl2_z-4g HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 266
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_cver=1&google_push=AXcoOmSdJCOzzd3o3uoWLJsB2H5sw_SVQjIBKmsFSIhva5rrd7GQjYwL2MPBjkz9MjXbX8I7rpKTB6WTuyoO4tuTlRxbQpc-wJW9 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=326850fb4a8b24a4&is_secure=true&networkId=14000&version=1&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_cver=1&google_push=AXcoOmSdJCOzzd3o3uoWLJsB2H5sw_SVQjIBKmsFSIhva5rrd7GQjYwL2MPBjkz9MjXbX8I7rpKTB6WTuyoO4tuTlRxbQpc-wJW9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIVRMx2uWJLwNDY4lGAAAAAAA&expiration=1695347883&google_cver=1&is_secure=true&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_push=AXcoOmSdJCOzzd3o3uoWLJsB2H5sw_SVQjIBKmsFSIhva5rrd7GQjYwL2MPBjkz9MjXbX8I7rpKTB6WTuyoO4tuTlRxbQpc-wJW9
Request Chain 267
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ_6rJ-WvPa_EUkNo7spgNc&google_cver=1&google_push=AXcoOmS7S8a3pAhgwjGKby3A5fyRiMQB-O3ACbO-vpRB0o4spoWZZ77Y_eeDSOf-9jIETIysMLEWOW6FjK7acmpOGijQddqo-rhFbw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cXwiO9KnRS0XYb40X1D4dQ&google_push=AXcoOmS7S8a3pAhgwjGKby3A5fyRiMQB-O3ACbO-vpRB0o4spoWZZ77Y_eeDSOf-9jIETIysMLEWOW6FjK7acmpOGijQddqo-rhFbw
Request Chain 268
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBAUlEKlbFFzzdz02oV6cUQ&google_cver=1&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78m6RVS HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBAUlEKlbFFzzdz02oV6cUQ&google_cver=1&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78m6RVS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78m6RVS
Request Chain 269
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOCbSCcb3tlB8at7d-tEdBg&google_cver=1&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vTuuJosX4rTb_gmygkw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOCbSCcb3tlB8at7d-tEdBg&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vTuuJosX4rTb_gmygkw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vTuuJosX4rTb_gmygkw&google_hm=UUZ4eWRzTjVsUGVfUXJqQVNHTlQ=
Request Chain 270
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDvUqvs6n3JY1l44YQaptok&google_cver=1&google_push=AXcoOmSdiYztydmJ__nBN16A_byYENDQCoadrALQkdxtlUN4lWR2bNZPVpCPVWCl0sLoPDrYC6BmYEeOP7I04Ds4ZneRdgFa0ETQHg HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=20e766a60e&gdpr=0&gdpr_consent=
Request Chain 271
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC6YPmjQ_rornV9hr29z9mo&google_cver=1&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7_Ymw HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7_Ymw&google_gid=CAESEC6YPmjQ_rornV9hr29z9mo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyNDM4ODE0NzEwMjgzOTE4MzkxOA%3D%3D&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7_Ymw
Request Chain 282
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tJm3rXkXSO6sLFndktSOMw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 286
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=913059497
Request Chain 287
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B499B7AD-7917-48EE-AC2C-59DD92D48E33 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWNmNFliaXJ4ZWFSRDZNYW5IUGZFbFk2Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1945593063401236011&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 288
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ5OUI3QUQtNzkxNy00OEVFLUFDMkMtNTlERDkyRDQ4RTMz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJn7wKdst5utB-0ZCY8Qby8&google_cver=1
Request Chain 291
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1945593063401236011
Request Chain 293
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LMSIWYU5-1Y-417D HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LMSIWYU5-1Y-417D&ex=d-rubiconproject.com&status=ok
Request Chain 304
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1TSVdZVTUtMVktNDE3RA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPlypyMwRK2CoO4ynsV7T_M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVdZVTUtMVktNDE3RA==&google_push=
Request Chain 305
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Vf_WkBSuQIC11VJ685TL_Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Vf_WkBSuQIC11VJ685TL_Q
Request Chain 306
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7S6KxaHBQnYhXjvNsRHymcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-74A43vZE2oJ0amiAPAUni8_6kXVm7uBjYWn0ng--~A
Request Chain 307
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r1_JxbjZTD2uuhDYW6UUPg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r1_JxbjZTD2uuhDYW6UUPg
Request Chain 308
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFR-Ohe76icz9mWfJWVDVo&google_cver=1
Request Chain 310
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM1YzhhMTUxY2JiNjVlMjk0OGFjZWQ4M2JlYTk0YWZiMjBlM2RjZA
Request Chain 311
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIWYU5-1Y-417D
Request Chain 333
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
Request Chain 334
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=obNhX_SrEj0
Request Chain 335
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=CLOiGAY-0Us&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=309101d0-4e22-43b7-98bf-8e715ecf8753
Request Chain 336
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3666276997469608364
Request Chain 337
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
Request Chain 340
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
Request Chain 341
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=BfznZwFNGac
Request Chain 342
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=WQJ2B5MVybY&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0401c18a-cee0-41dd-9bf6-05f3942e0e3f
Request Chain 343
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3738334591507536300
Request Chain 344
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
Request Chain 383
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 386
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 391
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=lIBltm0HGXpD&ev=1&us_privacy=&pid=562983
Request Chain 393
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7078119663561859382
Request Chain 394
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=906539967438444046
Request Chain 395
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Request Chain 397
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f5e96277-db67-4937-a9cb-f717eef9b894&user_group=1&ssp=seedtag&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=
Request Chain 399
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F HTTP 303
  • https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true HTTP 302
  • https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-SLhXIzBE2uHri3u5PdujMrkBqbSEkQD.~A&gdpr=0
Request Chain 401
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=1b6e2241-4b10-4959-afd1-1387c727541d
Request Chain 402
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZQujKutf4JN9V-XEBbC8xQAA%265191
Request Chain 403
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-AiBnO.lE2uGw9jCnIM2YjBB5Z9gxKila5.8Q6Fg-~A
Request Chain 404
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID HTTP 303
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=1945593063401236011
Request Chain 406
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=f021a618-a124-4473-b89b-0da79e8c06d1
Request Chain 407
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkbeaac44ccc2949dba272d57345ae292c
Request Chain 408
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=yUyoNLW9ZHw7nDJpwtS0&pi=seedtag&tc=1
Request Chain 409
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUdd1964431d80457ca9ca37e876c7cc5e
Request Chain 441
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 442
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 443
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=yUyoNLW9ZHw7nDJpwtS0&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 444
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adyoulike&gdpr=0&user_id=a5bnqjyQ5apwwuf7PJL6_T7Ctflwle__b5tIXeuB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=288a0a7b-baec-457a-b3a8-f6f3afd79784&name=BIDSWITCH&gdpr=0&gdpr_consent=
Request Chain 446
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACRqE7KF0YAABklX71mMQ&name=BEESWAX
Request Chain 448
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=737d10dbacc40325579565d5799413dc&gdpr=0&gdpr_consent=
Request Chain 449
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 450
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i4.vAWRE2uWBI2M3gKO_6XkIVa3t7yc-~A&gdpr=0
Request Chain 451
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent= HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=40865a8c-397a-4ab6-86b1-61a24f3778ff%20&gdpr_consent=null&gdpr=0
Request Chain 452
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0996220400452a0f2b180df2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Request Chain 453
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 454
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=f8d883f0dc734b80a814cfefc7c2f949&gdpr=0&gdpr_consent=
Request Chain 457
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=5366999801121524431 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=3f6a4ce6-40ca-5208-86f3-3f62e3f89c4f&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 473
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 476
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/ HTTP 302
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=906539967438444046
Request Chain 477
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7078119663561859382&gdpr=0&gdpr_consent=
Request Chain 478
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=2d543cf9-d417-4db4-8b61-1zz1695261405 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=288a0a7b-baec-457a-b3a8-f6f3afd79784&ssp=richaudience&gdpr=0&gdpr_consent=
Request Chain 480
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
Request Chain 482
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
  • https://a.tribalfusion.com/i.match?p=b30&u=7beYp_ofopg&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662085148528352
Request Chain 483
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
Request Chain 484
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
Request Chain 487
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 488
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 493
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=539254dae2df1774&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIki6A7a9zuwNlm47tAAAAAAA&expiration=1695347885&nuid={OX_USER_ID}&is_secure=true
Request Chain 494
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=fS51ctEZyYgIdvLULXbM2w==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 496
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7c2b990e-db94-446e-afab-8ba7a9b8bc8b&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
Request Chain 497
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=yUyoNLW9ZHw7nDJpwtS0&pi=openx&gdpr=0
Request Chain 498
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TfO4lxr1updWp7jGGvelwBin6sRW8LDCSf7zUgB7
Request Chain 521
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGJ2E7KF0YAABiP_Kr8NA&partnerid=127&gdpr=0
Request Chain 523
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Lir5Nnks-zY1fvlneS7kYXt-q2U1KfFjKidiOtNp
Request Chain 524
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=906539967438444046&gdpr=0&gdpr_consent=
Request Chain 532
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LMSIWYU5-1Y-417D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LMSIWYU5-1Y-417D
Request Chain 557
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7d061bcdbd2b24a4&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIki6A7a9z0wMNjJLUAAAAAAA&expiration=1695347885&is_secure=true
Request Chain 558
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
Request Chain 569
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=3924388147102839183918
Request Chain 571
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1695261485988 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5271108355 HTTP 302
  • https://sync.1rx.io/usersync/turn/3738334591507536300?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
Request Chain 572
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=9ba67081-c100-434f-858e-7e767f3434ec
Request Chain 573
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=e30acaa57d00effe&name=OPENWEB
Request Chain 575
  • https://pr-bh.ybp.yahoo.com/sync/taboola/53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
Request Chain 580
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=288fb196025e166b&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAH9u2Vzacs-gNpQnLkAAAAAAA&expiration=1695347885&is_secure=true
Request Chain 581
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
Request Chain 583
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEBVJmLpFoKTllBKQtH85D6Q&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEBVJmLpFoKTllBKQtH85D6Q&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=e613c9023dc8ec0b0b69d93dad5b8930&uid=e613c9023dc8ec0b0b69d93dad5b8930&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 586
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LMSIWYU5-1Y-417D HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LMSIWYU5-1Y-417D&name=RUBICON&gdpr=0
Request Chain 588
  • https://pr-bh.ybp.yahoo.com/sync/taboola/53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
Request Chain 597
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
Request Chain 598
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=146eb683-11fe-4cf7-a15e-4d8d30df69fc&expires=1&user_group=2&ssp=gumgum2&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
Request Chain 599
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28fW4eE_gk9WMt2_T49zGeQoSFPm8W8JxF-TQ-fZX9Cfg3l72srxt1eMg3EMvvDUd_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28fW4eE_gk9WMt2_T49zGeQoSFPm8W8JxF-TQ-fZX9Cfg3l72srxt1eMg3EMvvDUd_%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a3263899-2fa2-49aa-a5bf-714969814fec&obuid=ENC(fW4eE_gk9WMt2_T49zGeQoSFPm8W8JxF-TQ-fZX9Cfg3l72srxt1eMg3EMvvDUd_) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 600
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
Request Chain 601
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Request Chain 602
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
Request Chain 603
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=14ae9f1f-538c-4255-aea4-d5256ae4ef41
Request Chain 605
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 606
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
Request Chain 607
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
Request Chain 608
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
Request Chain 610
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
Request Chain 611
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a3263899-2fa2-49aa-a5bf-714969814fec&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=bdb1a6ae-b509-411e-b18a-c3587d91a86b&expires=1&user_group=2&ssp=gumgum2&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
Request Chain 612
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Fnir9tTgv5BA76twkL5MBCDdZBkxMT5NTmJU6xf63xPI7Q4jCXAArmxY42DuW0U2%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Fnir9tTgv5BA76twkL5MBCDdZBkxMT5NTmJU6xf63xPI7Q4jCXAArmxY42DuW0U2%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a3263899-2fa2-49aa-a5bf-714969814fec&obuid=ENC(Fnir9tTgv5BA76twkL5MBCDdZBkxMT5NTmJU6xf63xPI7Q4jCXAArmxY42DuW0U2) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 613
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
Request Chain 614
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Request Chain 615
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
Request Chain 616
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=6a08188d-82e7-47da-8966-e52a9fad3bf9
Request Chain 618
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a3263899-2fa2-49aa-a5bf-714969814fec&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 619
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
Request Chain 620
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
Request Chain 621
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
Request Chain 624
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
Request Chain 625
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
Request Chain 627
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
Request Chain 628
  • https://rtb.adentifi.com/CookieSyncLKQD HTTP 302
  • https://cs.lkqd.net/cs?partnerId=6&partnerUserId=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
Request Chain 629
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2099360683 HTTP 302
  • https://sync.1rx.io/usersync/turn/3738334591507536300?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
Request Chain 630
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f5e96277-db67-4937-a9cb-f717eef9b894&user_group=1&ssp=lkqd&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D288a0a7b-baec-457a-b3a8-f6f3afd79784%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253D288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784
Request Chain 631
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
Request Chain 635
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5127801215003724970
Request Chain 637
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZQujKwAR9Vc2rQAb
Request Chain 638
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=lIBltm0HGXpD&ev=1&pid=561322
Request Chain 640
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=N2JlWXBfb2ZvcGc HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAic8dZ9YEP0JFO2r8CuYpU&google_cver=1
Request Chain 641
  • https://a.tribalfusion.com/i.match?p=b30&u=7beYp_ofopg&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662085148528352
Request Chain 642
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348
Request Chain 643
  • https://s.ad.smaato.net/c/?adExInit=v HTTP 302
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=20e766a60e&gdpr=0&gdpr_consent=
Request Chain 663
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Request Chain 671
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
Request Chain 675
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XYAAEBQkEoAAAAA
Request Chain 676
  • https://cs.admanmedia.com/sync/gumgum?puid=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=8853a951-6dbd-484a-99d0-982ac1e58488
Request Chain 677
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
Request Chain 678
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 679
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Request Chain 680
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
Request Chain 684
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XkAAGUZh3AAAAAA
Request Chain 685
  • https://cs.admanmedia.com/sync/gumgum?puid=e_a3263899-2fa2-49aa-a5bf-714969814fec&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=e52f791e-e6c7-4c00-a345-1c6e3772b0cd
Request Chain 686
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
Request Chain 687
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 695
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FXzjIUJ64SEOKONwQnj-dkAosXIOf-t0EXFSCPSw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
Request Chain 696
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7078119663561859382&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
Request Chain 697
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7281092644835424410&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Request Chain 698
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1S6dFtTSV3lGVnbORI-b58POaYM&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Request Chain 702
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B499B7AD-7917-48EE-AC2C-59DD92D48E33&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B499B7AD-7917-48EE-AC2C-59DD92D48E33&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 703
  • https://pixel.onaudience.com/?partner=214&mapped=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c8146b70f3b088f8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=686e9f91dffaf4c2e5263c4958081b60&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 705
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARivxq6oBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEE8phzZYIhHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJDI4OGEwYTdiLWJhZWMtNDU3YS1iM2E4LWY2ZjNhZmQ3OTc4NA** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=4f298736-5822-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 706
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&gdpr=0&gdpr_consent=
Request Chain 707
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6231fa2ad74c1820&is_secure=true&networkId=17100&version=1&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIVRMx2uWJxwNEv3n8AAAAAAA&expiration=1695347887&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 715
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b7f168b6-e95d-4fca-a990-005fd87c2da7&gdpr=0&gdpr_consent=
Request Chain 716
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=OTA2NTM5OTY3NDM4NDQ0MDQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKpZPx616xU6wbafGddqmXA&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 720
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHb3NFN0tGMFlBQUJuS215b1pqdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAGosE7KF0YAABnKmyoZjw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGosE7KF0YAABnKmyoZjw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGosE7KF0YAABnKmyoZjw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=906539967438444046&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGosE7KF0YAABnKmyoZjw&gdpr=0&gdpr_consent=
Request Chain 721
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 723
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd1964431d80457ca9ca37e876c7cc5e
Request Chain 725
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3738334591507536300&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 726
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6ae53944-2414-41d7-b3ff-cb5dff7b15ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 738
  • https://pr-bh.ybp.yahoo.com/sync/taboola/53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
Request Chain 752
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7078119663561859382
Request Chain 754
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
Request Chain 756
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=906539967438444046&gdpr=0&gdpr_consent=
Request Chain 757
  • https://rtb.adentifi.com/CookieIndex HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
Request Chain 758
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6e18aba38f611774&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH9u2VzactSQNkqIfVAAAAAAA&expiration=1695347887&is_secure=true
Request Chain 759
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2EFA5667346448F8AB63B285A5ABB642
Request Chain 761
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMSIWYU5-1Y-417D HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LMSIWYU5-1Y-417D
Request Chain 764
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC1PLCsG8DiKL-iH1J_9KN8&google_cver=1&google_push=AXcoOmRPY6uADbKwxcTFVEELtKA60ab4fVbwqczISnrknlDz7dYifVRDvxpC70esL9ADELlXXbDpvYNDLQTH794cfFFmjqyzD5bk HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRPY6uADbKwxcTFVEELtKA60ab4fVbwqczISnrknlDz7dYifVRDvxpC70esL9ADELlXXbDpvYNDLQTH794cfFFmjqyzD5bk&google_hm=Eua89e61p5v_oIHviKU16A
Request Chain 765
  • https://um.simpli.fi/gp_match?google_gid=CAESELYkTf7fk0xzoT-RGqQBqoA&google_cver=1&google_push=AXcoOmTNmIi3XLLSnt2sIHE5Ky5F0sp-XhFS66Xwz9XSI83tjcJNJty2iXYSWwu5z5WGX2YqJllRgB2Vv-XdiZN569MkdEPFjx5Qog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2EFA5667346448F8AB63B285A5ABB642&google_push=AXcoOmTNmIi3XLLSnt2sIHE5Ky5F0sp-XhFS66Xwz9XSI83tjcJNJty2iXYSWwu5z5WGX2YqJllRgB2Vv-XdiZN569MkdEPFjx5Qog
Request Chain 766
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRO59WK9Xx2PHRhtsh8Ezxbkn9jU4gjPcTEE9TQrVaqhbs_VenXvUl0uF6y2JSJnpyG6Hu5j592iKreX1ZuSwaeQ7o9h6S-TA&google_gid=CAESEBx52lExRLFXBV5EdsiIys4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-MgmfV3nbHDK3mW0-1pgLpSx6mMW1WpZ4baKjdQ&google_push=AXcoOmRO59WK9Xx2PHRhtsh8Ezxbkn9jU4gjPcTEE9TQrVaqhbs_VenXvUl0uF6y2JSJnpyG6Hu5j592iKreX1ZuSwaeQ7o9h6S-TA
Request Chain 767
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJlIDZKASW66F2WvRVL8Z84&google_cver=1&google_push=AXcoOmQ6kJdZyPmvMjSVddWsKG8cP5c3cxYmCVU0wUzVcE5rk8J8RIN4RDdd610OTVep3bw8E8om1VICdo4bfALi1MVN1S4zbwIwRg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NTU5MzA2MzQwMTIzNjAxMQ&google_push=AXcoOmQ6kJdZyPmvMjSVddWsKG8cP5c3cxYmCVU0wUzVcE5rk8J8RIN4RDdd610OTVep3bw8E8om1VICdo4bfALi1MVN1S4zbwIwRg
Request Chain 768
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIyPDDRtQ5E6jrxjYtwj9ys&google_cver=1&google_push=AXcoOmRkzCZ_NV65kfOaEU3Alm08CIo7YyTk-3Xr2qHETTLcWQsqbP_dKybHQtwkaTeAr3B6sUpsppkc837ciQCJ937ag3BN_EAA3Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRkzCZ_NV65kfOaEU3Alm08CIo7YyTk-3Xr2qHETTLcWQsqbP_dKybHQtwkaTeAr3B6sUpsppkc837ciQCJ937ag3BN_EAA3Q&google_hm=OTA2NTM5OTY3NDM4NDQ0MDQ2
Request Chain 769
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5Q-vSvoFwCF8B6t2t9QTo&google_cver=1&google_push=AXcoOmTSwb8nnxpgl6NCAJxWQMC90vZZY9XtSDjaWQntTviPdFHCUYnb8tlBSph7GgKJdhXJWN_rnLNTmitEldPC_fPNeZ_rtJQcYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTSwb8nnxpgl6NCAJxWQMC90vZZY9XtSDjaWQntTviPdFHCUYnb8tlBSph7GgKJdhXJWN_rnLNTmitEldPC_fPNeZ_rtJQcYw HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 790
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2847261290142645612
Request Chain 791
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210827160926938
Request Chain 793
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Request Chain 795
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9d5vj50j2vr6
Request Chain 796
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DF1rNcAsvjSbWUhTaMYhaSSMS%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=686e9f91dffaf4c2e5263c4958081b60&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DF1rNcAsvjSbWUhTaMYhaSSMS%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjSbWUhTaMYhaSSMS&gdpr=0&gdpr_consent=
Request Chain 798
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EFA5667346448F8AB63B285A5ABB642&gdpr=0&gdpr_consent=
Request Chain 799
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7796042916
Request Chain 837
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3995168035037029481949107963%2C%2C HTTP 302
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3995168035037029481949107963%2C%2C&_tur=T
Request Chain 857
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW
Request Chain 875
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1695261489337-948283613259-001244-004-000819&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D3%26key%3D%5BUSER_ID%5D HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=3&key=GDPR
Request Chain 876
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=200&key=OPTOUT
Request Chain 878
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 880
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D10%26pid%3D59c9148628a0612da3689288%26key%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=10&pid=59c9148628a0612da3689288&key=lIBltm0HGXpD&ev=1&us_privacy=1---&pid=562704
Request Chain 881
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Request Chain 882
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1aa012a2bef51c412593f7f964e35b&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 883
  • https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1aa012a2bef51c412593f7f964e35b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7282223796728647955&gdpr=1&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAGosE7KF0YAABnKmyoZjw&dataProviderId=817&gdpr=1 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1aa012a2bef51c412593f7f964e35b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3d&26913=AAGosE7KF0YAABnKmyoZjw&gdpr=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7282223796728647955&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=1&gdpr_consent=
Request Chain 884
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3LTk0ODI4MzYxMzI1OS0wMDEyNDQtMDA0LTAwMDgxOSZiaWRkZXJuYW1lPTUyJmtleT11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYMOAE=%26buyeruid%3D HTTP 302
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3LTk0ODI4MzYxMzI1OS0wMDEyNDQtMDA0LTAwMDgxOSZiaWRkZXJuYW1lPTUyJmtleT11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYMOAE=&buyeruid= HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3LTk0ODI4MzYxMzI1OS0wMDEyNDQtMDA0LTAwMDgxOSZiaWRkZXJuYW1lPTUyJmtleT11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYMOAI=
Request Chain 885
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=55&key=7078119663561859382
Request Chain 899
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1aa012a2bef51c412593f7f964e35b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7282223796728647955&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 904
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LMSIWYU5-1Y-417D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LMSIWYU5-1Y-417D
Request Chain 906
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 907
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 913
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 920
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 922
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 967
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPAC-EbmlI9tSg7c9RqgHz4&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1aa012a2bef51c412593f7f964e35b?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-459V4SxE2oMnCm0HpiQrLJHvKj1S6fR_h0KKQTJ6~A&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 972
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 973
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 979
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1aa012a2bef51c412593f7f964e35b?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-459V4SxE2oMnCm0HpiQrLJHvKj1S6fR_h0KKQTJ6~A&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 985
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 987
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 1030
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 1036
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 1037
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 1044
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Request Chain 1050
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 1052
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

1051 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
extra.globo.com/economia/noticia/2023/08/
Redirect Chain
  • https://cutt.ly/pwcQonAV
  • https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
495 KB
109 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.177 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-177.prt.globo.com
Software
/
Resource Hash
faa0f9c808d262ad121d8ba8a79ddb1c69a213311e044531dfc52fcfb75f12b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=10
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:57:58 GMT
expires
Thu, 21 Sep 2023 01:58:08 GMT
http_x_forwarded_proto
https
show-page-version
0
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, Wall-Subscription-Level, Origin
via
2.0 CachOS
x-bip
445776657 ra09 20 11
x-cache-status
MISS
x-content-type-options
nosniff
x-device-atlas
desktop
x-mobile
desktop
x-request-id
6b6ae87e-13d2-4dd7-8dc0-d84d1a76efcf
x-served-from
extra-router-gcp, Show Services GCP
x-thanos
0AB4D01A
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
809eb34beb3e5b98-FRA
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:57:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
x-openstack-request-id
tx17b8bd94c4ee495593456-0064b357c6
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0AB14003
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484121.35690
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10284
x-trans-id
tx17b8bd94c4ee495593456-0064b357c6
x-request-id
c72e6206-347f-46d4-a1c9-18bae03fc2cc
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
x-openstack-request-id
txc29e8d986591404bb4955-0064935f4b
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB14003
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txc29e8d986591404bb4955-0064935f4b
x-request-id
cc4940ac-3bff-4d61-b155-1b098c8ffaf5
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
x-openstack-request-id
tx81f539b8efec47a2896f4-0064282efd
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0AB14003
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484194.26376
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10352
x-trans-id
tx81f539b8efec47a2896f4-0064282efd
x-request-id
d003c75c-c62e-4993-8e5c-a12738e4ffda
light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
x-openstack-request-id
tx271241dcf2464b0eb8d74-00641074f6
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0AB14003
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484167.30297
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10200
x-trans-id
tx271241dcf2464b0eb8d74-00641074f6
x-request-id
47a862ad-8912-4a3c-af85-70e56290d55e
v0.js
cdn.ampproject.org/ 		277 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73017
x-xss-protection
0
server
sffe
etag
"1fbcd51b50b3cf51"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Sep 2023 01:57:59 GMT
lib-pub-relay-extra-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/extra/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/extra/prod/lib-pub-relay-extra-latest.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6a37db47c18bef69710511d93c04fc9ea341235080185d5f8381754d5ebbaf57

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
txdc275f15b3f740f685a79-00650ba2c5
last-modified
Fri, 18 Aug 2023 21:17:37 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
x-object-meta-mtime
1692392184.000000
content-type
application/javascript
x-timestamp
1692393456.27429
cache-control
public, max-age=180
x-trans-id
txdc275f15b3f740f685a79-00650ba2c5
x-request-id
18f0839c-9541-4f4e-87a9-ab65518ee964
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4095ef60dc2a51dadc1d2f407052a07ba2358e86c5b748a784328e2e6376722c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4735
x-xss-protection
0
server
sffe
etag
"f4656ca95aa76a9d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Sep 2023 01:57:59 GMT
amp-timeago-0.1.js
cdn.ampproject.org/v0/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-timeago-0.1.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c5e3616522e0f74d1294012414ac84d5e10691b0205307aa446eaf85a7c6cff
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9077
x-xss-protection
0
server
sffe
etag
"559a9a7a10d438b4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Sep 2023 01:57:59 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc925f34ccc4d97d89b5b5b0ccca6a2ef842070eaa2be0c89dcd6d462a78e8a8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2512
x-xss-protection
0
server
sffe
etag
"ed0804112cc0f574"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Sep 2023 01:57:59 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b7f4244fefd45a75e2d467f878917dbf5fd1f2cdf7fbe137caeb41ed4934703
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 01:57:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16387
x-xss-protection
0
server
sffe
etag
"16a91fea653d791a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 21 Sep 2023 01:57:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		249 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28a07ea9153aaa450bfa669a2fdac73af62cdbaf8ce6707818c83d3bffcbacd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:33:27 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:04:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1473
x-amz-server-side-encryption
AES256
etag
W/"dbe99cd7da3b62fd2eb4471b4e2a636c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
0_8XqX2yrCs8NZqYtb_Qd4RuD-50jX8_pTmi2sO4oD3vcIjqoRdbhg==
barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
47455714 ra03 11 06
age
167
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739324870000
content-length
4317
x-xss-protection
1; mode=block
x-request-id
310b9d3e-8a3e-49ae-8a94-6aa418d65f3e
last-modified
Fri, 02 Jun 2023 19:14:58 GMT
x-thanos
0AB1D011
etag
W/"c580509368f67b01edaa2d4f8057bbbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 02:00:12 GMT
espn.jpg
s2-extra.glbimg.com/1eB3GFXqERDPkp_nRJWTDmDbpr4=/0x0:662x443/888x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/H/B/P9r83iRBCP0fp0FRm1gw/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/1eB3GFXqERDPkp_nRJWTDmDbpr4=/0x0:662x443/888x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/H/B/P9r83iRBCP0fp0FRm1gw/espn.jpg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
7dbb8873176bc4d165aeddaeec0aa66eefdb1acf637b7f4d026fea13ed412989

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:43 GMT
via
2.0 CachOS
x-bip
54136900 asra01mp14lx04ca04.globoi.com
age
0
x-cache-server
thumbor/nginx-cache
content-length
25258
x-cached
MISS
x-request-id
aa9f9fec-82b3-41dc-8fd5-d470a5492d38
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"512fb7c2b4eea9e82a3eda7d87b5a6032fb9a4f3"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 21 Oct 2023 01:58:00 GMT
bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx79d97a1c56fe4ed38d269-0064fa0923
last-modified
Tue, 08 Aug 2023 17:32:03 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1691515922.84841
cache-control
public, max-age=2592000
x-trans-id
tx79d97a1c56fe4ed38d269-0064fa0923
x-request-id
2ef7b444-e75d-4b50-a654-03d22c93a7f2
db8cb48e-2b5f-48af-ac81-9d2582081f66.js
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/extra/b64a8976-9bc3-4448-a5fe-d7bef81f9916/ 		479 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/extra/b64a8976-9bc3-4448-a5fe-d7bef81f9916/db8cb48e-2b5f-48af-ac81-9d2582081f66.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8797be25ffaa9fc494eb3acf1de32240ae5103673d148cbb7369e904f19be38e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
x-openstack-request-id
tx41bcb902e28744e898299-00650ba28c
last-modified
Mon, 18 Sep 2023 11:45:45 GMT
x-thanos
0AB24047
etag
b524a924d05063642ab5cd268bee034e
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1695037544.95489
cache-control
public, max-age=180
accept-ranges
bytes
content-length
479
x-trans-id
tx41bcb902e28744e898299-00650ba28c
x-request-id
ff51ccd0-3eb4-496e-b7d3-d0d533129e2b
api.min.js
p.glbimg.com/api/stable/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.glbimg.com/api/stable/api.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
45723144 ra09 20 03
age
34973
x-cache-status
HIT
content-length
12654
x-xss-protection
1; mode=block
x-request-id
7ad5fbb3-0e44-4c16-98d0-d9262ae98de3
last-modified
Tue, 03 Jan 2023 00:49:51 GMT
x-thanos
0AB4D012
etag
W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 16:15:06 GMT
26bcdfda-ceb4-4990-9499-0e9e49381175
config.aps.amazon-adsystem.com/configs/ 		537 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/26bcdfda-ceb4-4990-9499-0e9e49381175
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
e735f40b7302c5d9bc85349ce69ee192d28e572d1ac9c669e3dad4822219ae48

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:47:27 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
632
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
ifONlZojtZjhLKDs_1FzmBtScpiZht-mp3TBj_8KUMAsNLhfW4t1yg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fextra.globo.com&pubid=26bcdfda-ceb4-4990-9499-0e9e49381175
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 21:55:13 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
14566
x-cache
Hit from cloudfront
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
4m0TKO-3ZDoM--W6njc-M55QKLT4jA3OyD77jlcXKE3omUr-5ZSeIw==
bid
aax.amazon-adsystem.com/e/dtb/ 		169 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&pid=83fzfc1STDYvY&cb=0&ws=1600x1200&v=23.829.1852&t=2000&slots=%5B%7B%22sd%22%3A%22mc-container-top%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%2C%22970x150%22%2C%221190x250%22%2C%221190x150%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%2C%7B%22sd%22%3A%22banner_materia1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%2C%7B%22sd%22%3A%22pub-in-text%22%2C%22s%22%3A%5B%22640x360%22%2C%22640x480%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%2C%7B%22sd%22%3A%22banner_materia2%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x250%22%2C%22970x150%22%2C%221190x250%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%2C%7B%22sd%22%3A%22banner_feed__0%22%2C%22s%22%3A%5B%22600x300%22%2C%22970x250%22%2C%22970x90%22%2C%22970x150%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%2C%7B%22sd%22%3A%22banner_middle_feed__1%22%2C%22s%22%3A%5B%22600x300%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22970x150%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%2C%7B%22sd%22%3A%22banner_feed__1%22%2C%22s%22%3A%5B%22600x300%22%2C%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22970x150%22%5D%2C%22sn%22%3A%2285042905%2Finfo.web.extra%2Feconomia%2Fmateria%22%7D%5D&pubid=26bcdfda-ceb4-4990-9499-0e9e49381175&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1b708efa9b247ef966739eac928a97adcc0b07f9a446dcebe6999eb66b7f9592
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
HJ16S10ZHSCH4273JAB2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
169
x-amz-cf-id
FAvdiRKM3effPnPS3owyuoJuxM_8c6GL36JEJfsG-tDxsu9qOTRmmA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
date
Wed, 20 Sep 2023 05:34:29 GMT
x-amz-cf-pop
FRA2-C1
age
73861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
3gdx4Zf1O_p4WpEIccFELZzHg2oSoM-o5Al75y4SbgTT5pbTXJm7yg==
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
txb09d5ecaf62044de97f8b-0064107ef3
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0AB14003
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
txb09d5ecaf62044de97f8b-0064107ef3
x-request-id
501a582d-efef-41af-a938-73abfae172c7
3285a3b42817917627f4d6f281c7ac6b.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		303 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
166cfe7c2adcd0f393ea3723890e487b38af3385a921a8c14f2886f0dd9cc696

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx630480b123054f84b1cda-00650b432c
content-length
106129
x-trans-id
tx630480b123054f84b1cda-00650b432c
x-request-id
0412a94f-ad7c-4a60-bf56-c505bd409e3a
last-modified
Wed, 19 Jul 2023 19:00:09 GMT
x-thanos
0AB14003
etag
7aa3d15d1317ea21933517c0d9570534
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1689793208.57347
cache-control
public, max-age=604800
accept-ranges
bytes
lib-pub-core-extra-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/extra/prod/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/extra/prod/lib-pub-core-extra-latest.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/extra/prod/lib-pub-relay-extra-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
fbf51a9873732d8e7d185d5c6d6398be3269c2634b22128b12e094e08190a2bc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx4a1daa2355754985a575f-00650ba308
last-modified
Wed, 13 Sep 2023 18:33:41 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
x-object-meta-mtime
1694629832.000000
content-type
application/javascript
x-timestamp
1694630020.22571
cache-control
public, max-age=180
x-trans-id
tx4a1daa2355754985a575f-00650ba308
x-request-id
1cd7c685-8df8-4df7-b1e0-852b66cb6cba
truncated
/ 		727 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		738 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		695 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa3ebe966a050c4716fb681161db8c5e3c966e7eef21dbc7dae3a79fd33bd535

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
rossi.jfif
s2-extra.glbimg.com/Crql3N9XYOdMjkZr_9RC3xi-UrY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/B/t/af6AMNRIWCyGNPnAmqbQ/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/Crql3N9XYOdMjkZr_9RC3xi-UrY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/B/t/af6AMNRIWCyGNPnAmqbQ/rossi.jfif
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
603cff041c3543d52c80727596ba99522cc3aaae88c3cba3644abfd043f13d23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:43 GMT
via
2.0 CachOS
x-bip
51556244 asra01mp14lx04ca04.globoi.com
age
6857
x-cache-server
thumbor/nginx-cache
content-length
35902
x-cached
HIT
x-request-id
44848dfd-a5f7-48af-9809-1c2352c1f94d
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"a950dffca480159efd3714b7982f64391bfc6ed0"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 20 Oct 2023 23:58:02 GMT
11963336
s2-extra.glbimg.com/eZc3Me0DtArlBGmSyTT9gNmuVS8=/540x304/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/36/33/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/eZc3Me0DtArlBGmSyTT9gNmuVS8=/540x304/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/36/33/11963336
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
2285eabfcb7a0e46f16f9bf5ad39dc57059bd20be5c91b1480120c4796e5f27b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:43 GMT
via
2.0 CachOS
x-bip
51465636 asra01mp14lx04ca04.globoi.com
age
364
x-cache-server
thumbor/nginx-cache
content-length
6538
x-cached
HIT
x-request-id
f6cdbd4c-3a2d-424b-8149-e4161f77d5cc
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"fe060194293c311d8ce30ac3e90a82a189709351"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=3600,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 02:41:34 GMT
caixa2.jpg
s2-extra.glbimg.com/lSD5CUUToTuVUNZO_ehQ3hZLLfg=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/6/v/ZKabNfTjuxetQ5gRzdug/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/lSD5CUUToTuVUNZO_ehQ3hZLLfg=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/6/v/ZKabNfTjuxetQ5gRzdug/caixa2.jpg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
5179b36a3da3daf10974f2e8c7247baa53ba3a6af2d96c051f45ffcb13e9ff65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:43 GMT
via
2.0 CachOS
x-bip
46232796 asra01mp14lx04ca04.globoi.com
age
8436
x-cache-server
thumbor/nginx-cache
content-length
30542
x-cached
HIT
x-request-id
ef301352-6ce4-4be3-a5d4-0f6098e5610a
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"558eba3b69a17452e8377adc4458082c7d8190b2"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 20 Oct 2023 23:31:45 GMT
bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx164f1caa0f054cb89ac8c-0064f0a557
last-modified
Tue, 08 Aug 2023 17:32:01 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1691515920.59004
cache-control
public, max-age=2592000
x-trans-id
tx164f1caa0f054cb89ac8c-0064f0a557
x-request-id
b1197e63-abc4-42e7-8af6-b4c6cbce37fa
541edb519ec9244af5813b86243d89c6.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/541edb519ec9244af5813b86243d89c6.css
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
723f9d1a00a556b0985d12bb418005e7d69bc3093067451a8caa978ed32edfdc

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
txe485eff12c854fe187aa8-006509ab0e
content-length
1009
x-trans-id
txe485eff12c854fe187aa8-006509ab0e
x-request-id
d0eea70f-9d45-4ec4-a370-26f9b636a347
last-modified
Mon, 26 Sep 2022 18:08:28 GMT
x-thanos
0AB14003
etag
01c9ab7623293c3fac64141610cd7b5d
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1664215707.43887
cache-control
public, max-age=604800
accept-ranges
bytes
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Thu, 21 Sep 2023 01:58:01 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
113579018 ra09 20 02
age
0
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323813245
content-length
20184
x-xss-protection
1; mode=block
x-request-id
e998a1a7-f49a-4823-a348-9c140f38ead5
last-modified
Thu, 04 May 2023 18:56:24 GMT
x-thanos
0AB4D011
etag
"d6cc1c50b230a5c61bb684e07f3e0e98"
vary
Origin
x-served-from
estaticos-gcp-prod
content-type
font/woff
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 02:03:01 GMT
barra-globocom.min.js
s.glbimg.com/gl/ba/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
50301238 ra09 20 03
age
92
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323699742
content-length
10597
x-xss-protection
1; mode=block
x-request-id
efdd3820-778f-4a0e-8bb1-5da19a35f1ca
last-modified
Thu, 04 May 2023 18:56:23 GMT
x-thanos
0AB4D012
etag
W/"1af9514851ffe9f801c5468a9d1206ac"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 02:01:28 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
facf2263e978333110dd0189c5f1bdc996049f5cb0370267797f14a6bd6cb798

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff304273da0f47eae2cd3afd8bef0d54b02e2c7011614f316f4e4cb2a28dc579

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
settings.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx1c5febd55a5241d8b4e36-00650ba328
last-modified
Sat, 02 Sep 2023 17:44:45 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
x-object-meta-mtime
1693675470.000000
content-type
application/javascript
x-timestamp
1693676684.90264
cache-control
public, max-age=
x-trans-id
tx1c5febd55a5241d8b4e36-00650ba328
x-request-id
006039ef-036a-4267-ab57-48504969fc26
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx984adb3b361948238815b-00650ba214
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
tx984adb3b361948238815b-00650ba214
x-request-id
9d7b57fd-10fd-4a4e-8715-eb9ca6d7115d
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
37437869 ra09 20 03
age
34974
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
56eb5ff5-d5b3-4f23-9d1e-d1b65af560cb
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0AB4D012
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 16:15:06 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:42:22 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
4546
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
E0Pi_Huh6FpfZQDSO9gejAmKijWRbqiDYfzZOvHro0W_Pcmsb-oB4w==

Redirect headers

date
Thu, 21 Sep 2023 01:58:00 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
GjBU2kcPmCVpKkD4Whyzz7B_qK3tl3Smqc9G3z6jUPjm_ptXrhzzVw==
logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://barra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
txb83d74761b92499f9adde-00650ba306
last-modified
Mon, 17 Oct 2022 13:20:36 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1666012835.41302
cache-control
public, max-age=180
x-trans-id
txb83d74761b92499f9adde-00650ba306
x-request-id
8433cbe6-1781-4a30-878e-559646cbdd64
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1695261480853&ns_c=UTF-8&c8=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%2...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1695261480853&ns_c=UTF-8&c8=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1695261480853&ns_c=UTF-8&c8=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&c7=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&c9=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
a31MuASdP-Oe3jy93_IYvapIj6l921KxSksf57j2Hp_nB4kSdOHnaw==

Redirect headers

date
Thu, 21 Sep 2023 01:58:00 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
location
/p2?c1=2&c2=6035227&ns__t=1695261480853&ns_c=UTF-8&c8=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&c7=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&c9=
content-length
0
x-amz-cf-id
IqFnGUDOb4bwRFENiQIvEMGaky4aO7K1Y3Gk-kRi45nTssmwvEhmAw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/extra/prod/lib-pub-core-extra-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3242ff915de3b41bbd99bc19f96127ca4e7b3b425e67e4768686269f1a41e783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29906
x-xss-protection
0
server
cafe
etag
307 / 19621 / 31077993 / config-hash: 9843192085666301801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:00 GMT
15688_extra.js
ads.rubiconproject.com/prebid/ 		417 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_extra.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/extra/prod/lib-pub-core-extra-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
388a438fc02c74efc68e12667d687b921e92f9d72896f99b404b316f245db640

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
last-modified
Thu, 21 Sep 2023 01:40:41 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
124342
expires
Thu, 21 Sep 2023 05:46:54 GMT
publicidade.css
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/publicidade.css
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/extra/prod/lib-pub-core-extra-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:00 GMT
content-encoding
gzip
x-openstack-request-id
tx0e6128bd8660402d8f26c-00650ba328
last-modified
Wed, 13 Sep 2023 18:42:19 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1694630538.09953
cache-control
public, max-age=180
x-trans-id
tx0e6128bd8660402d8f26c-00650ba328
x-request-id
35b9d1e1-e8f8-4af2-b737-35f534ba8ca4
selected-alternatives
globo-ab.globo.com/v2/ 		294 B
814 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.229.95.34.bc.googleusercontent.com
Software
/
Resource Hash
80de5bfa2106ca608b9651531d576427871cf4cf1d94843ba7997599bf53eaa1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=300; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
trace-id
4666ef4a4c9ec9d4
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		41 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
20c393d5efe5db837e1326c35d8b40950ed8e559a73c0e0a98053c1cc9ada1b6

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
last-modified
Thu, 21 Sep 2023 01:40:41 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3167
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230921
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd6b812d56865b9c24a9ed4492c49396d63b1807c8b217235505d0b1afb0b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35817
x-jsd-version
1.0.1819
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"639-zUoBAJPuyqTAmrklzHFFxrwoC3M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCUDKpWvHjcLoDLBX93Hu0FF3L3QCeAWqThUBSALxKfwXCrJ%2BOpA93zlitfI3hAKYbHaYWlFJNftQ2B34wBYhD4L5zmqqSk73TUbV6A9EuvcoI182pk%2BzpjYdCRwMsPhtJTcFL%2Bz9FOii31Cpxs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
809eb360fd9c01e3-ZRH
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
55275
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131810
x-xss-protection
0
server
cafe
etag
9411153894055172020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 19 Sep 2024 10:36:46 GMT
horizon-pageview
horizon.globo.com/auth-session/activity/extra/ 		0
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/extra/horizon-pageview?object=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&Referrer=&tags=&client_version=0.3.11
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=60
content-length
0
x-served-from
hzt-tsuru
content-type
text/plain; charset=UTF-8
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-openstack-request-id
tx2b589191cd854470bd570-006359748f
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
tx2b589191cd854470bd570-006359748f
x-request-id
f1e0d989-a49d-470a-896c-77eb54e536c8
auth
id.qa.globoi.com/auth/realms/globo.com/protocol/openid-connect/ Frame B35B 		0
0
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
DT5P65FPBPWT4SZE
age
3288
etag
W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
809eb3628d0f3605-FRA
x-amz-id-2
V4IMDkxuvzX6e7LToXqNpV6+QpGUPejj/VCiHP67kBAUOTAkihYtGtJ5uOA7MEysgKRbWB4UiuU=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:6200:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Wed, 20 Sep 2023 05:20:17 GMT
Via
1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
74265
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
p8CSjKth-hDfLD9So-wPxZDhoxIPngKps8YSS22iJFDA_kqkK-fHoQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28387
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FfLMBiZxFz0oIUsEbdY6PeQ00nZXAvRXd5KZKxAALIVzqafuJy8%2B52Ad54bcw83qr3DkN%2FosjygTWmr72XJow8%2FvB8vu%2BU4sCkSiIeOaZUHZW4nfnMJO4HdZo2JlVBYzwR3kMUR5LlBB64WH1X0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
809eb3624a470208-ZRH
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 04:27:21 GMT
content-encoding
gzip
age
2064640
x-guploader-uploadid
ADPycdvO63Bs2hpfvrq4P31AF9LvzTxHSA_jJUqYOnbEjFh1BfJWVElI9jTga5pYHwO5mvT4IwwwIh1cSCracbb_xVSxAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 27 Aug 2024 04:27:21 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 01:58:01 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 02:44:08 GMT
content-encoding
gzip
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
83634
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
qW5BJr5PZzhQirY74iWqGBuwP0TbNGsw65Yoo7_-x99UFa9wwdzMcA==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
49e9ea585ebd8cb91390156406b7682a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=3811314122160737&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x150%7C1190x250&ifi=1&didk=4081597332&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481301&lmt=1695254281&adxs=205&adys=3289&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=1190x-1&msz=1190x-1&fws=4&ohw=1190&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYx7LVq6sxSABSAghkEhkKCnB1YmNpZC5vcmcYxrLVq6sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMay1aurMUgAUgIIZBIXCghydGJob3VzZRjHstWrqzFIAFICCGQSFAoFb3BlbngYxrLVq6sxSABSAghkEhkKCnVpZGFwaS5jb20YxrLVq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjEstWrqzFIAFICCGQ.&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3DFooter%26rc%3Dbanner_materia_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=4157668513&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f8494bc34c8fd03d4878e127a9608df54dcdf3e0f4abb80ec41476d5cd49690
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12112
x-xss-protection
0
google-lineitem-id
5770660547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360166838
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=930203667316451&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x250%7C1190x150&ifi=2&didk=3223810204&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481319&lmt=1695254281&adxs=205&adys=2521&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=1190x-1&msz=1190x-1&fws=4&ohw=1190&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYx7LVq6sxSABSAghkEhkKCnB1YmNpZC5vcmcYxrLVq6sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMay1aurMUgAUgIIZBIXCghydGJob3VzZRjHstWrqzFIAFICCGQSFAoFb3BlbngYxrLVq6sxSABSAghkEhkKCnVpZGFwaS5jb20YxrLVq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjEstWrqzFIAFICCGQ.&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3DMiddle%26rc%3Dbanner_materia2_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=1993649413&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f70d94b5dddce93ccdc98ca4798457f1943657d9415eb7131eb0c9e9a3ea4c03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12117
x-xss-protection
0
google-lineitem-id
5770660547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360166838
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 754D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 20 Sep 2024 01:58:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ww.js
cdn.ampproject.org/rtv/012309082229000/ 		51 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012309082229000/ww.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854e654af8d6d85bb2e0bd12427b928d0bdcf58c4fadaae8edcc79fa550f2721
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Sep 2023 19:01:48 GMT
age
111373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14443
x-xss-protection
0
server
sffe
etag
"d97ceda4d2eaaac4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 18 Sep 2024 19:01:48 GMT
api.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js?loading-agent=global-webdeps
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2fe3a6f51dffc0843daa46b85777e305e57b0423da47efae4b4ce5e30bb3f7de

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-openstack-request-id
tx20860b8447ab46d5b2a1e-00650b9701
last-modified
Mon, 18 Sep 2023 18:03:15 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
x-object-meta-mtime
1695059063.000000
content-type
application/javascript
x-timestamp
1695060194.72983
cache-control
public, max-age=3600
x-trans-id
tx20860b8447ab46d5b2a1e-00650b9701
x-request-id
a60ae972-acf3-4615-a38d-30a6cbf3105b
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
49850520 ra09 20 03
age
34975
x-cache-status
HIT
content-length
4958
x-xss-protection
1; mode=block
x-request-id
34b31b2c-74a7-478a-b68a-a2ad98eed42c
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0AB4D012
etag
W/"d90f88fa40b545a289d34957b165ffb3"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 16:15:06 GMT
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-openstack-request-id
tx43ce5a28a2cd4c72b91ca-00650ba29d
last-modified
Thu, 12 May 2022 20:00:29 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1652385628.79171
cache-control
public, max-age=180
x-trans-id
tx43ce5a28a2cd4c72b91ca-00650ba29d
x-request-id
d8702a17-cc49-45b0-950e-7f5b168aa3d6
globo-ab-v2.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-openstack-request-id
tx19c1d72af1b045fdb7f6b-00650b4e70
last-modified
Wed, 24 Oct 2018 17:17:43 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1540401462.48634
cache-control
public, max-age=86400
x-trans-id
tx19c1d72af1b045fdb7f6b-00650b4e70
x-request-id
ea793307-b029-417f-91e5-a3f8e24676e6
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-openstack-request-id
tx5f3281e81fc440e185136-00650ba27f
last-modified
Tue, 19 May 2020 15:37:59 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1589902678.74751
cache-control
public, max-age=180
x-trans-id
tx5f3281e81fc440e185136-00650ba27f
x-request-id
737dce2a-9321-4d3f-a17a-3c832d4cf813
iu3
aax-eu.amazon-adsystem.com/s/ Frame 47B9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
339 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e7913d9931339dfb68c0813ecdbcf47bbdecbe528ee901aaccfd1e396c57bfd6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
339
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Sep 2023 01:58:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BWD46BFBC5DJYPTZ7PB1

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 01:58:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
S823PSZ2HXD5V1TQ146Q
fastlane.json
fastlane.rubiconproject.com/a/api/ 		652 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=264326&zone_id=1308078&size_id=2&alt_size_ids=55%2C57%2C221&eid_pubcid.org=4f01de84-66d9-426b-9900-d772231794c9%5E1&rf=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tg_i.domain=extra.globo.com&tg_i.page=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tg_i.adunit=85042905_info.web.extra%2Feconomia%2Fmateria&tg_i.aupname=%2F85042905.*%26mc-container-top.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Finfo.web.extra%2Feconomia%2Fmateria%23mc-container-top&tk_flint=dmpbjs_v7.54.0&x_source.tid=42f52931-5de0-4235-93e9-c88fd9d0edf8&l_pb_bid_id=20d526c86a0457&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=42f52931-5de0-4235-93e9-c88fd9d0edf8&rp_hard_floor=0.1&rp_maxbids=1&p_gpid=%2F85042905%2Finfo.web.extra%2Feconomia%2Fmateria%23mc-container-top&slots=1&rand=0.8467682619909327
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8d5f5b0e12413c31ac22cd7475b22477820333b983a3c0a3c589fe408cacdec5

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
962 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
604c11d6218811b97bc0c0be77727bd7d592e54953949578579099b836e9aa3d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:01 GMT
an-x-request-uuid
05d38364-5f5a-445b-a7f0-dd511ad2ef7a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=84506389871&lsavail=1
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:00 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.65 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
b2196cde2d80551633efe790ebaeb62d5d0195c4873daabf6b0ec00f7bcc6fa6

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		35 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=4298456933376577&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=3&didk=3223810205&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481453&lmt=1695254281&adxs=892&adys=1569&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYx7LVq6sxSABSAghkEhkKCnB1YmNpZC5vcmcYxrLVq6sxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMay1aurMUgAUgIIZBIXCghydGJob3VzZRjHstWrqzFIAFICCGQSFAoFb3BlbngYxrLVq6sxSABSAghkEhkKCnVpZGFwaS5jb20YxrLVq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjEstWrqzFIAFICCGQ.&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3DTop%26rc%3Dbanner_materia1_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=2580447263&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d83f96a06e3192415275f4d4879bb14db238eb0c03ea10ef36b87f50105d0b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14387
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		250 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/extra/prod/lib-pub-relay-extra-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48d99c5aaf98f85eb1ee5f970fdc1c3729296ce2ec5eb43740bccb7bf8ed6df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82836
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Sep 2023 01:58:01 GMT
ns.html
www.googletagmanager.com/ Frame 00C9 		1 KB
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/extra/prod/lib-pub-relay-extra-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7fbc9e03ba0ac8c751d0d27d513c1de3d2c35eb7ec44a51d38fbd5502e154a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
257
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
increment
id5-sync.com/api/esp/ 		0
324 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
schemas
horizon-schemas.globo.com/ 		144 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
ac121a04ee29cdc5c52c004c59aec3d9e06d82148568c810e15d192fd652623c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
via
2.0 CachOS
x-bip
554901986 ra03 11 15
age
631
content-length
13618
x-request-id
b42956a8-7971-4ef4-bca9-dbc16f6e7b79
x-thanos
0AB1D027
vary
Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=7200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.gh...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.gh...
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&rid=esp&cc=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
ce8e46e5be745d71c448cc8c1d9dcf73ae79d468581559e51fdacbb04460d4d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-ebORmKJHJsxNi+8+gauAlCfYOF4"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 21 Sep 2023 01:58:01 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://extra.globo.com
location
/esp?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 8198 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=extra.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
server
Kestrel
server-processing-duration-in-ticks
233687
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
encrypt
esp.rtbhouse.com/ 		329 B
603 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4b1c2b95d73cdb2422a659bb04a945d0ee1b1da61209c4ef35773a631a8f4edf

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
025ee7863826d3d4590637a374e967a7
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a1b9d97d-64c3-4fff-86b8-c5c1d6f0c0ef
https://extra.globo.com/ 		51 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://extra.globo.com/a1b9d97d-64c3-4fff-86b8-c5c1d6f0c0ef
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b3974deab9eb5e48e5d66b3f37c0c8edaa15d4208e1e3b6451a33182ead9860

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
52052
Content-Type
text/javascript
map
bcp.crwdcntrl.net/6/ 		235 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ba6dcc0d2c7066006967aa5c3ae0dd58a4b72d8e5e471ebb2e10db4b411930be

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache
x-server
10.45.29.133
access-control-allow-credentials
true
content-length
235
expires
0
ns.html
www.googletagmanager.com/ Frame 3A59 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame 8040 		268 B
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame E3DC 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame 391B 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PFFQ4H9&ancestors=GTM-TPMBMXS&restrictions=&gtm.url=https%3A%2F%2Fextra.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-TPMBMXS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		161 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXVN776&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb9426d8540d24bf3443a3a82955995f5d745937c58b9e1d40a389c5ac700375
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60449
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Sep 2023 01:58:01 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a38c77af48646df3cf6c660e944826ca561ed3504813648d0e5712c7b2becafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46416
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Sep 2023 01:58:01 GMT
gtm.js
www.googletagmanager.com/ 		158 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f48f058d992c4b46aea381994331a917f6eaabf297e4759bc007166b7729be77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59619
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Sep 2023 01:58:01 GMT
gtm.js
www.googletagmanager.com/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFFQ4H9&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52183d75783af6fc50c603595828f6cf368f6639643f126b3b3afb0cfff3885d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45477
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 21 Sep 2023 01:58:01 GMT
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:49:29 GMT
content-encoding
gzip
age
512
x-guploader-uploadid
ADPycdu9bB3nj2LFWhFNh8wuTbiMiMkZ860hpuWnBS13EN_1MllngyKevw2GeuvyazeDDfyK17oQmj2_XoCt6NbVuBYmfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-generation
1567453851562424
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type
text/plain
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:49:29 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ae68dc2155bf81ca6f5f2137ad88dc947123e2b88bdbe6585c65983ac7f92bf

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
1ms
date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 21 Sep 2023 01:37:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-envoy-upstream-service-time
7
accept-ranges
bytes
cf-ray
809eb3658b483654-FRA
alt-svc
h3=":443"; ma=86400
content-length
35297
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		617 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05f11f1ac4a6df5d3a90188730ed15b26d9876a49fb6450dba4bf6a178c45dea

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kTme9.94Yw8c6ekF33rfQaE5Sx46azK0
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:01 GMT
x-amz-request-id
HCE01KN9R32RQ663
age
31
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
96529
x-amz-id-2
5UK2+bktGe9WheEhsGOlzNLVPLMpcoprazJru2jHJ0A9MqReJI95SZUxntbGK+oLzXU2tbDIkQ4=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 13:56:48 GMT
server
AmazonS3
x-timer
S1695261482.847176,VS0,VE1
etag
"876de03cae2ce6a4a66064e7a89db9db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
43
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
ads
securepubads.g.doubleclick.net/gampad/ 		39 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=1082189237500363&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=640x360%7C640x480&ifi=4&didk=869953741&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481794&lmt=1695254281&adxs=480&adys=1849&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=1600x-1&msz=1600x-1&fws=4&ohw=1600&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYx7LVq6sxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRmMDFkZTg0LTY2ZDktNDI2Yi05OTAwLWQ3NzIyMzE3OTRjORistNWrqzFIABIdCg5lc3AuY3JpdGVvLmNvbRjGstWrqzFIAFICCGQSFwoIcnRiaG91c2UYx7LVq6sxSABSAghkEhQKBW9wZW54GMay1aurMUgAUgIIZBIZCgp1aWRhcGkuY29tGMay1aurMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YirXVq6sxSABSAghq&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3DInread&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=1576948566&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1254823d720a289ead2de21f29a80e5e3d92c85a02eb3aeeaceb60849d81a641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16323
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=1218397746729755&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&didk=3851748554&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481799&lmt=1695254281&adxs=0&adys=7011&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=1600x77&msz=1600x0&fws=4&ohw=1600&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYx7LVq6sxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRmMDFkZTg0LTY2ZDktNDI2Yi05OTAwLWQ3NzIyMzE3OTRjORistNWrqzFIABIdCg5lc3AuY3JpdGVvLmNvbRjGstWrqzFIAFICCGQSFwoIcnRiaG91c2UYx7LVq6sxSABSAghkEhQKBW9wZW54GMay1aurMUgAUgIIZBIZCgp1aWRhcGkuY29tGMay1aurMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YirXVq6sxSABSAghq&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3Din-image&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=3876986493&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35fd96ea9c66b13e47df9c32929344dd43cab3e508b68c77e2d7e07f7563fa1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11772
x-xss-protection
0
google-lineitem-id
5046459344
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138324635010
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=2882355159286707&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=6&didk=4212400324&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481809&lmt=1695254281&adxs=0&adys=7011&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=1600x77&msz=1600x0&fws=4&ohw=1600&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYx7LVq6sxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRmMDFkZTg0LTY2ZDktNDI2Yi05OTAwLWQ3NzIyMzE3OTRjORistNWrqzFIABIdCg5lc3AuY3JpdGVvLmNvbRjGstWrqzFIAFICCGQSFwoIcnRiaG91c2UYx7LVq6sxSABSAghkEhQKBW9wZW54GMay1aurMUgAUgIIZBIZCgp1aWRhcGkuY29tGMay1aurMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YirXVq6sxSABSAghq&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3DDhtml&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=1457827813&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7685e65210217feb938b17708b9adcdbd2556c8b063a7ac160f6872f27730582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11831
x-xss-protection
0
google-lineitem-id
5589317011
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337269223
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
login.css
s.glbimg.com/pc/ca/ 		846 B
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 21 Sep 2023 01:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
47724155 ra09 20 03
age
34974
x-cache-status
HIT
content-length
419
x-xss-protection
1; mode=block
x-request-id
ae48449b-2177-40e5-9b06-39df1bfedd0c
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0AB4D012
etag
W/"263666896930a877f4ad09cc6d6e75ea"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 16:15:07 GMT
logged
cocoon.globo.com/v2/user/ 		186 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0362e4043341864c9bf2331c1556e86938f3251b4ae4cbfeb69a8466e351799e

Request headers

Referer
https://extra.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://extra.globo.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length
186
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logged
cocoon.globo.com/v2/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://extra.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Sep 2023 01:58:02 GMT
server
nginx
via
1.1 google
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:extra:desktop:multicontent:ep/ 		162 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:extra:desktop:multicontent:ep/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.52.213 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.52.198.35.bc.googleusercontent.com
Software
/
Resource Hash
296d75dcda74cfb00bd5fb9a954b66bbc41b6591ad38b8264866402a3330f299
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
trace-id
676558e4e91fb8ce
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:extra:desktop:multicontent:dinamico/ 		168 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:extra:desktop:multicontent:dinamico/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.52.213 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.52.198.35.bc.googleusercontent.com
Software
/
Resource Hash
c7c285f41b4dfdf6dea71e93fc9b61e1ea5f9a161bde0e3ee03fa2f7adb6ca43
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
trace-id
a4d7077f3c4b1793
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
event
prebid-a.rubiconproject.com/ 		0
126 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.21.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-21-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1018191574028614&correlator=4323990443145617&eid=31077993%2C31077899%2C31077190&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.extra%2Ceconomia%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C970x250%7C1x1%7C970x150%7C1190x250%7C1190x150&ifi=7&didk=3740535728&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1695261481940&lmt=1695254281&adxs=315&adys=306&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=1600x250&msz=1600x0&fws=4&ohw=1600&ga_vid=156638556.1695261481&ga_sid=1695261481&ga_hid=285636105&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQGRmNjZiODUxNDA5ZDMxZWZmOTJkMzI3MWYyNjgxNmQ1MzkzODIwYzRkYmI3MjQxY2RmZjFlY2M4MGYzY2FiOTEYrbfVq6sxSAASOwoKcHViY2lkLm9yZxIkNGYwMWRlODQtNjZkOS00MjZiLTk5MDAtZDc3MjIzMTc5NGM5GKy01aurMUgAEh0KDmVzcC5jcml0ZW8uY29tGMay1aurMUgAUgIIZBIXCghydGJob3VzZRjHstWrqzFIAFICCGQSFAoFb3BlbngYxrLVq6sxSABSAghkEhkKCnVpZGFwaS5jb20YxrLVq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiKtdWrqzFIAFICCGo.&cbidsp=Cq4BCAESFwoHcnViaWNvbhDmAyACUgdydWJpY29uEhkKCGFwcG5leHVzEJoCIAJSCGFwcG5leHVzEhUKBmNyaXRlbxDMASACUgZjcml0ZW8SIwoNc21hcnRhZHNlcnZlchDIAyACUg1zbWFydGFkc2VydmVyGAIiJDQyZjUyOTMxLTVkZTAtNDIzNS05M2U5LWM4OGZkOWQwZWRmOCoECAMgADIHdjcuNTQuMECsG0oA&dlt=1695261479008&idt=2227&prev_scp=Editora.pos%3DTop%26rc%3Dmc-container-top_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D8%26Editora.url%3Despn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1695261480871%26prmtvvid%3D%26prmtvwid%3D&adks=3665132083&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18578d62a9379765eca00416dd6f2f3f1593bb85b6c5031a16b1ec25180d16a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15882
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rossi.jfif
s2-extra.glbimg.com/Crql3N9XYOdMjkZr_9RC3xi-UrY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/B/t/af6AMNRIWCyGNPnAmqbQ/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/Crql3N9XYOdMjkZr_9RC3xi-UrY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/B/t/af6AMNRIWCyGNPnAmqbQ/rossi.jfif
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
603cff041c3543d52c80727596ba99522cc3aaae88c3cba3644abfd043f13d23

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:44 GMT
via
2.0 CachOS
x-bip
51465655 asra01mp14lx04ca04.globoi.com
age
6859
x-cache-server
thumbor/nginx-cache
content-length
35902
x-cached
HIT
x-request-id
66fccd53-0744-4e0d-85da-773aa323c176
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"a950dffca480159efd3714b7982f64391bfc6ed0"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 20 Oct 2023 23:58:02 GMT
11963336
s2-extra.glbimg.com/eZc3Me0DtArlBGmSyTT9gNmuVS8=/540x304/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/36/33/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/eZc3Me0DtArlBGmSyTT9gNmuVS8=/540x304/top/smart/filters:max_age(3600)/https://s01.video.glbimg.com/deo/vi/36/33/11963336
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
2285eabfcb7a0e46f16f9bf5ad39dc57059bd20be5c91b1480120c4796e5f27b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:44 GMT
via
2.0 CachOS
x-bip
43806794 asra01mp14lx04ca04.globoi.com
age
366
x-cache-server
thumbor/nginx-cache
content-length
6538
x-cached
HIT
x-request-id
9e07e425-b362-4fb9-9210-ede0ac2911e5
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"fe060194293c311d8ce30ac3e90a82a189709351"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=3600,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 21 Sep 2023 02:41:34 GMT
caixa2.jpg
s2-extra.glbimg.com/lSD5CUUToTuVUNZO_ehQ3hZLLfg=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/6/v/ZKabNfTjuxetQ5gRzdug/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-extra.glbimg.com/lSD5CUUToTuVUNZO_ehQ3hZLLfg=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_1f551ea7087a47f39ead75f64041559a/internal_photos/bs/2023/6/v/ZKabNfTjuxetQ5gRzdug/caixa2.jpg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
5179b36a3da3daf10974f2e8c7247baa53ba3a6af2d96c051f45ffcb13e9ff65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:57:44 GMT
via
2.0 CachOS
x-bip
44543765 asra01mp14lx04ca04.globoi.com
age
8437
x-cache-server
thumbor/nginx-cache
content-length
30542
x-cached
HIT
x-request-id
897d85d1-5c41-4d91-b6eb-00364a513850
x-forwarded-host
s2-extra.glbimg.com
x-thanos
0AB0D08C
etag
"558eba3b69a17452e8377adc4458082c7d8190b2"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 20 Oct 2023 23:31:45 GMT
sid
mug.criteo.com/ Frame 8198
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=extra.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=LDOjUHxFMUZESjNMVTg3SWhYeVNGQWwvcnZvQmJxTmdsVUFKZUJwRFExakRlSisySzR6N01vSkc4ZTEvVFA2YlJ2dWNneVVycVJDOFRYR294WDRyZ0VEOFZTYzE1Y3FTcGJrUFdnRm11UVJlS3hrSm9lazMvSi9hc1VqeU...
436 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LDOjUHxFMUZESjNMVTg3SWhYeVNGQWwvcnZvQmJxTmdsVUFKZUJwRFExakRlSisySzR6N01vSkc4ZTEvVFA2YlJ2dWNneVVycVJDOFRYR294WDRyZ0VEOFZTYzE1Y3FTcGJrUFdnRm11UVJlS3hrSm9lazMvSi9hc1VqeUMyRDhudVRtMkJoblJKbm4yRVBaUVhCVmRGT0Q1RjJYY0d0eEV0UTYwak8zbFU3dHQvNCs2VjgyNGYyY0oybW5LeFZvaGxDSnZXZFRSZzBVQmtlRVlJb3ZpTmN5L2wrMUN1MksrVUpaWWlJOWk0UUp0K0NnOCtuVDhyaDArY1JqMVV3TFU5UWtsL3lCVS9VK210WVc0eHFTZW9qR2E4dz09fA&cppv=2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a3a8ef856df845257c7a1d2ff137f1345e6d6c304c68946c224456dfbe613c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1050914
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LDOjUHxFMUZESjNMVTg3SWhYeVNGQWwvcnZvQmJxTmdsVUFKZUJwRFExakRlSisySzR6N01vSkc4ZTEvVFA2YlJ2dWNneVVycVJDOFRYR294WDRyZ0VEOFZTYzE1Y3FTcGJrUFdnRm11UVJlS3hrSm9lazMvSi9hc1VqeUMyRDhudVRtMkJoblJKbm4yRVBaUVhCVmRGT0Q1RjJYY0d0eEV0UTYwak8zbFU3dHQvNCs2VjgyNGYyY0oybW5LeFZvaGxDSnZXZFRSZzBVQmtlRVlJb3ZpTmN5L2wrMUN1MksrVUpaWWlJOWk0UUp0K0NnOCtuVDhyaDArY1JqMVV3TFU5UWtsL3lCVS9VK210WVc0eHFTZW9qR2E4dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
279353
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 139E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuu8T_MvyX5VqtA8lCatuEWDdk_uf0V5CgZahF-Ug550HI_w2e6GsXVfWFn1nholG61d2yejVKPz_uvoGEj0QAnnxZ56QcFOope_Al-Fajn1XKMre4gv3ARrTepSbGnPzy4OXCoBgSReG7n4DztUd2p-BzvNfKyNl4wlQUZgHS3oGqYn5U_kV39QIzHmOREp-Wf6fwAcYCgn1g9w4JKEXDcGKrPeyD5aRqyopv3M4izXP6IW1KP1aYrhEyGhFnXaQFBWWuL0CKU_JGzxhZbYkABL_tVwO_fJv__ALELj7fVwQLpjU4swrpHWXFqQ6xtTBZUH0te8ywcAIOV7YOu61HN-mLa1lXmzHyp&sai=AMfl-YRgher3K_py4KzJdAtiwkMuir50QbwOCbp58xN9NEIP38nLtvEifjP0-9HBQkGI7c2GFtABceQ1dU7htXrxyvQjVxV9vW91cmGa8NHZ8nI9o5nD1L1jQZAxGrHQ-HLlFyApyVVSvBayVYxSPCY&sig=Cg0ArKJSzMrmwhD4VhOdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 139E 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6eab12f9767a07a5105e94841c27d672441e1fe9d6987a2ebf8ffa32ce2609dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29897
x-xss-protection
0
server
cafe
etag
930 / 19621 / m202309140101 / config-hash: 9843192085666301801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4983/ Frame 139E 		551 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e2efd245198a6abc36b4e6e4599fadb67ddf87f30d656e882b677eadab768b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
last-modified
Sat, 08 Jul 2023 00:12:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117857
accept-ranges
bytes
content-length
163404
expires
Fri, 22 Sep 2023 10:42:19 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 139E 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.101.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b8196243f0ecaa778e919df4cc37510c13d36ec594e62b6b1ffcb9c5800b3360

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:03 GMT
Last-Modified
Tue, 19 Sep 2023 19:20:50 GMT
Server
AmazonS3
x-amz-request-id
J393Y0TKHQTWZ3DT
ETag
"f963d33a554925108847e778ad82bf61"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
17873
x-amz-id-2
cvPOdcGknVXx1dX8BNb6md2VYf33ZmIYn6i9YwuUupzHcNbJ7oK+A9EKn3FbUrO2OFP8VVQuu8M=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 139E 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8867 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG2FYHiWKAQCBH-CPHwp3oYS7CT4THZwWFukgcvdwDgxHeF4PPo00SUNKeiPfvTJ8qyOSoXwNIZ3EU1j3xn0bnxh5jdXXbPsjnEtPHimuO9LVrtjdenDeT6xwS20VRaRKqoEhoR2z5saIXzOLo6CKI4km2G6ZLBQzNuuuCI_nvOQuKMAItV5Pluv4z8Vvi52cGz2Bf7YmKFMYZ3rX8H-qCNwfHtfhEjgx4fxl0mqh8fz68OXQaI5KQ2EUcXPDxWam0NA2dU9YpZaeeNvtlTKZBJe5TZL5HgzsVf0zs3IhCpSsuYYwBXtKfcj84kI5U4nVqjTKOGFxhhURYE_X7nWN_XpVcm5IaoVzg&sai=AMfl-YTMPBVAktEm1-XwInhnK4ABJOHFdmhr8zDLMRcuBJkQhMAp-86axHFX-d79RsWF4xR4Ep5iKKEQlP4iKj2Ay-FA1nhCfNJXC_6BPHCY8YKJ9TzgBIoF39NDp7VTrTy5wd57E-YxTJVjzOENU4sW&sig=Cg0ArKJSzFsaDrb1and3EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8867 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b948f9894d66da6d2173d9ee0748370d7c34e5d3d322ff436919a4409a47e370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29900
x-xss-protection
0
server
cafe
etag
310 / 19621 / 31077993 / config-hash: 9843192085666301801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4983/ Frame 8867 		551 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e2efd245198a6abc36b4e6e4599fadb67ddf87f30d656e882b677eadab768b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
last-modified
Sat, 08 Jul 2023 00:12:00 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=117857
accept-ranges
bytes
content-length
163404
expires
Fri, 22 Sep 2023 10:42:19 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 8867 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.101.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b8196243f0ecaa778e919df4cc37510c13d36ec594e62b6b1ffcb9c5800b3360

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:03 GMT
Last-Modified
Tue, 19 Sep 2023 19:20:50 GMT
Server
AmazonS3
x-amz-request-id
J391HXJVV38B0VF0
ETag
"f963d33a554925108847e778ad82bf61"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
17873
x-amz-id-2
/hP/2HVr5LrL/pTINI4Mr/Fp71E9cW9rPcWS7gU1C3bHQP0tRtbEomTvCvkC4FWNFTVRXUPdtEQ=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8867 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame FCC6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
395b414d8c829d139cbdbcea39158d504184b5e3ad5cdfaed7bb600362e71e5a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1941
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Sep 2023 01:58:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7RX6D5VHG3TCD20Z37B6
view
securepubads.g.doubleclick.net/pcs/ Frame 2A1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmINGqQijdq5jbTcRPN7W-oVsCN91_43h5NLxXGZJFiazvh3_q25-RFj9CJuU9NtaIfg0qFIl0LpLmQHW4roolXkCZy2vHq4DngslZL6Nv6JvU6MsYKW200cWHndzvkboIqV3CE1DetxkSPX-5cTRlVQRqciYePrlG6ygRY7Y0EW7Ou4a6K9_myVrpM5YCudot8RVKqIr2oy2a-zPgYazHZVgi3CWwFgbsKgFgfzr_MMFribTbd2z1I6LrzQLt71s1ZjK-4IY5qqEfWSKuQl4n1-53p9W09pg7Hs7r5dRyNr7fdy62pj8nhtRoY4WET41n0dBC7QRkpgfAn9e9MVBanh5kplLI&sai=AMfl-YQ5p_MJb6dEB3Xetqw1fQb0ZWfnPXPaH7BIJDT77qxARsYqlHz2bOmjvNaxZTNxYzdGr2B6vWhAy9b3ZeiZKZT5TsgKj2ql6JDNTSwB6nOHZQYDRZK8k6kqK-9Ofw&sig=Cg0ArKJSzEaqokbMaLKHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5032-5905-01.js
t.seedtag.com/t/ Frame 2A1D 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/5032-5905-01.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f0942174b97eb4a82f56de89c28b45d8499a9ae4564e73a1c0f8a084f8f9c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
etag
W/"c4f2-BOug1Q8pTuzf35JB6BUPFDit6iY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
809eb3679b0924c0-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 02:18:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A1D 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6905 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7-FwZvKPFaQcYDvtSjmXdOJdPvqzPwemgbRVXDdiRUgktgtoXFL2fdmUiUF7LnapNn3TH5G0sJXxsSjKyqSxpxo1dp6AeAEnFfiybcnqJMv2EMiGP_xtcGLtO-fTTKTpKH2gCudicpViNMHYUbcde83r8LVAh5rBWw2WiduHHaZnmLIdqLSaV12QW231Gnc5o76Hj8roNGxTYLFDNOBSh_OVGsr557nMK3FoN4vYRTYk_46ROQfYIM7sjR5Ws1vR9QjRj1kujjNi99vKMcbWqBxwhX-s3ELTP5iOzr0CMfRBF5VbBRG5UQ7qri5fkbHpWCIeNLYfE7NRnFnNifTTMilGsXwB298zGqm0_EJzNQZklN9Q&sai=AMfl-YRVUXvT99y58OYPCvD0J2QE2P8CF3mMOCkX008N8OCUSfF0hVwXwELuu52fxfzBOKK1ZG89GYaFuVwBOMevEC_HtFphEul1gPGg1wlo-hlTM9SsSZYlMrtDQRlzD5C_wg&sig=Cg0ArKJSzHwaAg7Sv_lOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
extra.globo.com_14987.js
ads.vidoomy.com/ Frame 6905 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/extra.globo.com_14987.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
76714abafeb985a7df98100b44d1e8f1de24bacd2c75dce8122bcb3f75259594

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:02 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4664
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6905 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
container.html
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4784 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 20 Sep 2024 01:58:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
load.js
pm-widget.taboola.com/editoraglobonetwork/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f542b3b98cad1981a4429a7fca302c9ac09632ae83ff3419ed8ea8ccf3b9295

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U1YGMS0gZhJYHtoSJ0UYFxgGwsKQYD8s
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:02 GMT
x-amz-request-id
AJT84F0Y9YV3HW7Q
age
1552
x-cache
HIT
content-length
2153
x-amz-id-2
LrBf7c+qv5+6caQmci2AnDV7wIRvH/vMKQ049CEBSpmk1uekSe2ytwYt/RVDUsPnVkikr+Dh1C8=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Thu, 27 Apr 2023 10:32:50 GMT
server
AmazonS3
x-timer
S1695261482.198898,VS0,VE1
etag
"408b0d6eadfa9d2b74f5b3bb1332e9cb"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1e66fc9571f5687bc50f6d4695d0aae0d10c4d4e313936bdafb5a539bb9c4af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1110872
expires
60
impl.20230920-27-RELEASE.js
cdn.taboola.com/libtrc/ 		810 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5c413de57e629fbba188d440b4d7e5f2e4458ce3be46973223d8b44caf071f52

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
intVab2PW6P1rT.KvLfvGQN_lPLSTonz
content-encoding
br
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:02 GMT
x-amz-request-id
VR5TS1XX20SFRR21
age
16629
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
171478
x-amz-id-2
xsayEOAeWyvpN/OPuTs8oTZaORzgXpB2f3g+HtuYOORn/1yEGBho7eMU3hygtG2gmTwSEyxBlCQ=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 13:19:18 GMT
server
AmazonS3-br
x-timer
S1695261482.182802,VS0,VE0
etag
"d21d0fc11919906291c7af244ef87480"
vary
Accept-Encoding
content-type
application/javascript
abp
44
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
14618
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1695261482224&e=pv&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&page=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=8&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=551bb89d-ac50-47b7-8096-583c45718299&dtm=1695261482219&vp=1600x1200&ds=1600x6637&vid=1&sid=24a9d1a9-5bfa-4c88-ba76-4ba3ad458c37&duid=7debafae-a782-412d-be64-e57f45fbe4bb&fp=2005616296
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.155.196 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-155-196.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:02 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
pd
google-bidout-d.openx.net/w/1.0/ Frame 9C2E 		572 B
805 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e5abb96267c7941a84a458d9612c421dae3340d617db690c97b4313c40a0a82b

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
380
content-type
text/html
date
Thu, 21 Sep 2023 01:58:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FCC6
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=20e766a60e
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=20e766a60e
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2ZG3PZ8HJM18S28H2G9Z
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 21 Sep 2023 01:57:41 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
21
x-cache
Hit from cloudfront
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=20e766a60e
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
1BLp1Fk5SoHbiCfpoyG0YyAEE1OjLpOSfekwFdSRzgiSjrZEjiDEZQ==
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FCC6
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=40865a8c-397a-4ab6-86b1-61a24f3778ff
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=40865a8c-397a-4ab6-86b1-61a24f3778ff
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EYVFG4GJMZCPHP4TBWJ6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=40865a8c-397a-4ab6-86b1-61a24f3778ff
date
Thu, 21 Sep 2023 01:58:02 GMT
server
_
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FCC6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J6Y595P6AD7EKAZ48D1K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
88
Content-Type
text/html; charset=utf-8
ingest.php
events.newsroom.bi/ 		50 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
compass-multimedia-sdk.js
sdk.mrf.io/statics/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=755
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
19
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Sep 2023 09:50:56 GMT
server
cloudflare
etag
W/"e6ad3179582ae74d56c8c6309f582ea6"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
809eb368acd23654-FRA
x-amz-cf-id
4eu1SJUEj6E8uoHqoH3s9P8lm0ipXiF7rwPstHR8F0LU0f9-lnpW0g==
lib-analytics-latest.js
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-openstack-request-id
txf2044101aa08476aa32e4-00650ba2df
last-modified
Tue, 23 May 2023 21:09:44 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
x-object-meta-mtime
1684872817.000000
content-type
application/javascript
x-timestamp
1684876183.22388
cache-control
public, max-age=180
x-trans-id
txf2044101aa08476aa32e4-00650ba2df
x-request-id
9724989c-d6fc-47c9-aad2-7d7114112b94
dmp.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-openstack-request-id
tx48e652ebeb8d435a8ba66-00650b9175
last-modified
Fri, 16 Jun 2023 12:31:17 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1686918676.85556
cache-control
max-age=18000
x-trans-id
tx48e652ebeb8d435a8ba66-00650b9175
x-request-id
b504a483-722b-4ab1-b073-3807fb778f0e
usermatch
ssum-sec.casalemedia.com/ Frame 4DE2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a054e74d60a467b75b2c79ccd2ac7d05af78bcac8c8a9e03db489d24854c8a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
809eb36b0e8d23c7-ZRH
content-encoding
br
content-type
text/html
date
Thu, 21 Sep 2023 01:58:02 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPN%2BvQDCMI7uLZTVGdtPnVw15yOpeAQMIrTsAh1qRm9iwbwRz16dYJPKye7W90SrMqGDglAb%2F2R4wfX7SY5tVZM437sSy58Eb7H6P9qCxh5edfUDQ%2Bo92jI0GUsk9uULRzUQBTCOGsl2pg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
809eb36aae3d23c7-ZRH
content-length
0
date
Thu, 21 Sep 2023 01:58:02 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FSZ%2Fc2SQslHL0xOlI2PJzjh8Gg43Wp9q6pABPW7V2I5Bn677sVs9qfKvXb8sMnhQoxotVmCCdPWJTqDDbV5S8Ekrx2dfgNh7hNNqBt2Iw0z1YQa%2FLpSIAwk%2BqhSBTLGugQFMZk2DrihKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame 3325 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 442D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132164
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:02 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 88F1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:02 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 12FE
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=906539967438444046&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=906539967438444046&gdpr=0&gdpr_consent=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W192SWSZMM7YN17VQBDQ

Redirect headers

content-length
0
date
Thu, 21 Sep 2023 01:58:02 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=906539967438444046&gdpr=0&gdpr_consent=
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1A32 		151 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3e14424544af669f62fb667a35de09d2258dcb5f89b57d86d465058484fef06c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=n19chnKe1Ktls8WuZmzyh-_nlRyF0FaS1XkB5EppJO2pe_ecTZe27-Fo8a4Sz578xnfK04nKfjWus2A3YnZQaBTOxak3laqfZ_4UycASFqG8QeRlYBMZAD05a79RnHvGri7sWNFmqcK66Z9fB3yyUlUCK1vblSvK1bY9Lt_KbCC0a2kaS-xehnagTXO_pgDo5lkuZtdm03ImwlTO5DFIDnBJn9NMb1Q3kbVYKFZHOKw6LrLvBnP-V7B1W9V8BTr91P9J7Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
57117349
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 4784 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 15:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
39211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 15:04:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 4784 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:38:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:38:39 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4784 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
153112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:26:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4784 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
container.html
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7BDB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 20 Sep 2024 01:58:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ Frame 139E 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 09:58:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
57559
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131810
x-xss-protection
0
server
cafe
etag
9411153894055172020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 19 Sep 2024 09:58:43 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/ Frame 8867 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 10:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
55276
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131810
x-xss-protection
0
server
cafe
etag
9411153894055172020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 19 Sep 2024 10:36:46 GMT
pmk-20220605.12.js
pm-widget.taboola.com/editoraglobonetwork/ 		109 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/pmk-20220605.12.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6b20999bd2a94f2129771aea3c4d9d2098c882633a1e08a14d6b8f9ef49b5ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hGDJ320XmrVzlk_tBEkU_GyOXLqd95OQ
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 21 Sep 2023 01:58:02 GMT
x-amz-request-id
HJT9RY01YWRVVME7
age
4365806
x-cache
HIT, HIT
content-length
30549
x-amz-id-2
Lqq6B1VUSASE6pjzXtugdVPtfCItI+n71PbToM50C0jTEQHJtw77fVTLRZXw8s28fXkZQscaXR8=
x-served-by
cache-sjc1000128-SJC, cache-fra-eddf8230092-FRA
last-modified
Thu, 27 Apr 2023 10:32:49 GMT
server
AmazonS3
x-timer
S1695261482.473476,VS0,VE0
etag
"28d0d120bcbb2938f74c069dfb7e9df8"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
19346, 19
5032-5905-01.js
t.seedtag.com/t/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/t/5032-5905-01.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5032-5905-01.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f0942174b97eb4a82f56de89c28b45d8499a9ae4564e73a1c0f8a084f8f9c3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
0
etag
W/"c4f2-BOug1Q8pTuzf35JB6BUPFDit6iY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1200
cf-ray
809eb3697cd424c0-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 21 Sep 2023 02:18:02 GMT
truncated
/ Frame 6905 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c42d3f8e41df59becbaf7da2bb7947a930d625bda6f78ed2ed5299fb9288366

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2A1D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b8fbb7022d117e5729f7b16017f45910bd018c717d75acfe2b3fe1acf47812f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2A1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssG4KMYUsnob4EW1rLW47vm9ut20q-mXgBFlpN2PhtT2Y3lBTzsnbp9GwhLN-AnbCq8RfgDB9EjZA_BM7qyZkWh73Wz4663xHgRPZcyAIxeclOnic7MKw1OWDD9xdtd5DIe0HLWwujP4R5RULJSv5tV7n_8Lo4Xylw3bNn_4RlYhYgZIluizmfKWGjzZ9yospkOBE92hEkUBS59hjDpV7RthQVnf9z215WZaDgxywoh_sbgQ-RFIhngnw6qi-a2jQnIKRSWneV-Irhq4pK3BIo1ko6RLApFQyeIYAE_vf2qPhiWjJxgTB4D436ge5orDrTbbUAxxrhFJ2pMEvF3G8Y3SDw3oA7VvYs&sai=AMfl-YSI-M_pfgYA7vUKwcD_yAsRNg63zcnqFvR-ijj1qv8C39z9fdH6n9870TsHQlUZuqbBwzX63iY3o9eBkLz-LX-cMVCsAjtEuhzsOcAi3nVTY2rX083kgekehjWXfg&sig=Cg0ArKJSzPsRY9ApAc_tEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:02 GMT
container.html
098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B0F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Fri, 20 Sep 2024 01:58:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
card-interference-detector.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe6391c5bee94d329009097d19acf3c70bdcc8d4cbe88d0da0386547d96ce406

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mDCMpNRUAJmkkYHHAEwUK8ikb45duVBa
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:02 GMT
x-amz-request-id
MD937NVYXJF4KP1K
age
40821
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2182
x-amz-id-2
w7mCNlj2sgv5mz9B8oI00E9v8AFJ0ujMvHqZwfxNNZU4fzjDAhT2K4HSl8QgbSS2YPnZSiWaVj8=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:37:42 GMT
server
AmazonS3
x-timer
S1695261483.715297,VS0,VE0
etag
"92a83b645777a0b5cdb0db1d7c663672"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25707
sd
eu-u.openx.net/w/1.0/ Frame 9C2E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945593063401236011
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945593063401236011
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1945593063401236011
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9C2E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=faae8333-6435-cb5c-2e0c-3cf4965c3d81
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QX9J5CF43ZWDNJVS4BS9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 9C2E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a278ff4e-789f-70a6-ee02-be63fe6ff661&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9C2E 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGUxNzJjODQtYjFlOC0yZTAyLWZiZTItZTRkYTM0OGQzODAx
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9C2E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHb6k7hRfA2mhFT6CvslNyQ&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHb6k7hRfA2mhFT6CvslNyQ&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHb6k7hRfA2mhFT6CvslNyQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 88F1 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35664
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
player.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 		2 MB
749 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
feaa8751094d14f899a36eef1867b158cf502c9b22352b070b7e2e50ef367a9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-openstack-request-id
tx2954764fb1e04f0dac7aa-00650b9889
last-modified
Wed, 13 Sep 2023 18:08:15 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
x-object-meta-mtime
1694540590.000000
content-type
application/javascript
x-timestamp
1694628494.40181
cache-control
public, max-age=3600
x-trans-id
tx2954764fb1e04f0dac7aa-00650b9889
x-request-id
883e0a2f-deac-4340-b67e-e061b2b88285
PugMaster
image6.pubmatic.com/AdServer/ Frame 442D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=52571541&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e8b4a0adb14ea158efaf4228f208bb085ceb68fcfa71b9180328944fb9a0731b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Sep 2023 01:58:03 GMT
content-length
1710
content-type
text/html; charset=UTF-8
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2155 		125 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
76aae8220248248906a3d7054d057027805d94af276d13c3fe0f2baff0b64e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=IIIHpnKe1Ktls8WuMgyU8otKB-Y4WUHrXmrxZOiUCqLysmxiIrsX79NRUWoH63uDMHHuZBub7PAkh3RRH8yIfnBIJ5ASISYWHHueNAgMyISRR7tJSsh040TP8Z5tjVr0QEZ5py_LhSTXwLZvZ6mcpBOFUIokgPo88cLVWbfTqya7WvpvaUgl6n0FJSlGoyHOiLdS_8X9KXxkI0qnqWuvuTvoOZlfPXBNLMWFFdIpxMHbmPxggQIQrKzw5hu_mNswINYlJQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
47297409
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 7BDB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 15:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
39211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 15:04:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 488D 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 19:46:49 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 19:46:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 7BDB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:38:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:38:39 GMT
l
www.google.com/ads/measurement/ Frame 7BDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUDZJZKQXo5p3Q_-qcmn_G9uG0VQDnMglKrdh66yasyduVtjSqPT1k6suexG7tGJ4hVersYaMcc-ddrpta9AOvIDIEUQ
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7BDB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
153112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:26:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7BDB 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 7CC8 		140 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2669790e6104f003cf2c1cccf2719c7cc614e6afb737b7e93456705376f9695a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZbabOXKe1Ktls8WuCLlu5IKT0_oyGaTBo43-l5AS2N4J05QQfi3HJGZzdBWY2e9SCLAAgcs-MD4Niq7WRQreCiQik0vQyC7e1_ujV2dxgsT8_FAESIrIBez4LWJZaoT0dO3knU3Imhev1TRAocIAJ7SOeHZR7-CTLMeg5AdRotwvp_srpqzvLHBXLdrmf8spznEYQTSQwdPNxEwuGTYD6iKIBCp32saf2JQ5f-XdpWbKe8Djt0-vaptrO2X9DILyDV8_TQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
54894874
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 7B0F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 15:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
39211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 15:04:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8181 		1 KB
677 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 19:46:49 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 19:46:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 7B0F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:38:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:38:39 GMT
l
www.google.com/ads/measurement/ Frame 7B0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpMAxRcTWysN7EyOBEMV7AuasV3GgvP6Aw8E8S9Na2xLQxfjN-zn3u7bCo59ifbxbfGXcQxUJogPid2pDgrWam7fbqfg
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7B0F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
153112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:26:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B0F 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:02 GMT
crum
dsum-sec.casalemedia.com/ Frame 4DE2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQujKutf4JN9V-XEBbC8xQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYz-aknfOYRA_pkeX-Fi5U&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYz-aknfOYRA_pkeX-Fi5U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IH36X6Ti2%2FgQqvoXuWmoGi7h%2BL8I7TCg8fEoGMbJkaa1AR03hIWB%2Fn46Hs42PzjW3FiTvbBc%2FDM1mu6%2Fgm3%2F3h1pv48KW406AcmyB%2BzXFwtgdp8iX1Uc56%2FHiIIhglDGcvpzK8d7C1ui5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb36f6b7224c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIYz-aknfOYRA_pkeX-Fi5U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4DE2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuITxKbN6H%2FtOeoTDgVrsNDJdGwsIJv4ycnJ8mVLzuJZq8UQwgleVh6XO6yge7f7pA0%2FuT5Jeg3UEZXLBGkMIWDV8dBR%2FkxHpLwOvQFNI72TbUAxeXjA7HbGgtM8o9vsu0ZNw0oOSh5SJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb36e19ef24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 4DE2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3SFQAA00CHGNY7Z8TFYS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4DE2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
CookieIndex
rtb.adentifi.com/ Frame 4DE2 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.117.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-117-224.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
rum
dsum-sec.casalemedia.com/ Frame 4DE2
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b590bebf-a1ea-6c2c-0015c7ad
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b590bebf-a1ea-6c2c-0015c7ad
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FrUZW4INLrI919zcRCu%2FmWc8kuDv0FyCxVztHjqs9r%2BKhQjBuRBnV2CcKlSgNaW30jsxFmVkm3tzOJz3oSeJSYHwFT5PUIQD6hAqbkAOFNuVkW%2B%2FIO9tqdZD5WTpWc8p1v83RDIngmwtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb36fabb624c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=b590bebf-a1ea-6c2c-0015c7ad
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
crum
dsum-sec.casalemedia.com/ Frame 4DE2
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKSB6U1v7m9lo5UmArfk2lxuSgDIXpUU%2FLaOUx1vkQO6%2BnsLF8DYhDtkmHwtBd2jal3FlwOq4VfD5V2SuHe1NZi%2FuiYTccA5pZ0zd5vr1mQRFVr3C6wQmKGq67gDiimG24TBhOJC%2FtwX0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb36f1b0f24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=
date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame 4DE2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZQujKwAR9Vc2rQAb
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQujKwAR9Vc2rQAb&_test=ZQujKwAR9Vc2rQAb
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQujKwAR9Vc2rQAb&_test=ZQujKwAR9Vc2rQAb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE7nctZgbVTSagDxC5iQAS%2BwuEVVFKcKlvCv0x2VLrzaql86Gxy8bZNAium6%2FPR2eajbzzo4PAdm4y%2FQLqyny8x4XSqHACo2BrWTCkE%2BizVVx3AqeMJlzp9x21w8tyxVbXSTvrGuJ1BYVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb3712d5424c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695261483.477474,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZQujKwAR9Vc2rQAb&_test=ZQujKwAR9Vc2rQAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4DE2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KGEK1B205P6T0QR3JRGE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1A32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1A32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1A32 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 15 Sep 2024 01:58:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1A32 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 15 Sep 2024 01:58:03 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 1A32 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HHzQUNZKZMTgrR9AIM8Xf7aO4IH9dqUWSI9eFqTiNyLxqNYPRKGmnrBYkkqVU69YPkS1momzpobykLhYkmjK-pbw5R3DrRLgMMjcNs3waA8kTNTQeHhTr0JcN4Hf3Dkmi0MUfISdKx2ldkfvWUuIOUV_vqPA2LR9OCMsfQ9XoO1j_6NGvlx7zucPD0OXOu089kdrRaOVzZcEtNYZeuBCi-ci4HzrjjwW2rMLlBOQwyhP76b1hw5GdeT1xU9oGoIpmA3a09RgB4UIEtuftfD-_a4N9oZi_F4wwc8DqMKd2YNvmLpHmLNrHtBtvtEN7EM4XdZz1H39qZnbMON2QfNOr3LDzXK0QUMtImB9t7iTjZtGQaKlochs0ci9XeKnZDA4RFN3YfFxr4viQQqf0aiasV5Bv3bYBCROe9Ta8HxIQj-R8MdksAjMWxSXGhzkhDHAiMykJQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3016655
expires
Mon, 26 Jul 1997 05:00:00 GMT
ingest.php
events.newsroom.bi/ 		2 B
779 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
116.202.150.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.het.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
ea05d466-f785-4b9a-a030-6fdc6a39498f
config.aps.amazon-adsystem.com/configs/ Frame 139E 		537 B
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
a1b036e3d7eb1491db0fc122ad85e23cbd323a47a7213782b53a781835ab60d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:32:30 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1533
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
Z4uYyU3buoa-mWGkAtp4A5Mp3AH6Yqku3bDFHqMCG5TJZ8w8yxl6uw==
publisher.js
client.aps.amazon-adsystem.com/ Frame 139E 		234 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86cce78497865dc947e77166c36ed22dda2f7189d41741f5ef7052adf8ffd4b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:04:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"352b7c5cc6451bdd1e2d19a95cf470a0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
ojoNqoU7EFBT0daHK0_mUPishVRVDyNwLmHOVpqPBWeFTxWrwvGiRA==
truncated
/ Frame 139E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d51aa412983bb179451b98ec954890879c7e39b803771679de7fd09c2faae21e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea05d466-f785-4b9a-a030-6fdc6a39498f
config.aps.amazon-adsystem.com/configs/ Frame 8867 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
a1b036e3d7eb1491db0fc122ad85e23cbd323a47a7213782b53a781835ab60d5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:32:30 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1533
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
e7jAyb0aKJd_X0UzjTgXkTWYEqFu1OLe-K7qh1GIdBjPNImUME2j1Q==
publisher.js
client.aps.amazon-adsystem.com/ Frame 8867 		234 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86cce78497865dc947e77166c36ed22dda2f7189d41741f5ef7052adf8ffd4b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
br
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:03:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
etag
W/"352b7c5cc6451bdd1e2d19a95cf470a0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
e_ab67IwCZwmlHY8IZnRqaXfR-vJO-hsjXC9ZcWc7lWZ27W2y8iDNg==
truncated
/ Frame 8867 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
224ce81c9c235b6cbf1bbbd874e11f4cbd55b19514a4121347a3fd6b165120db

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2155 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2155 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2155 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 15 Sep 2024 01:58:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2155 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 15 Sep 2024 01:58:03 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 2155 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5Li0lvwzMRgNxF8mG-GygioVUOtQDDkIJxwGI6hwul3mezw7GRZ9iHTpVXSrr6wYCHIETnQjox2M8-itMYFWAfnbiZD_6eT6Qj-T2kS3EZjhjP-YX5G2vZ5wecMaXAxS-m6ei1UJrYYKwyYchlUoZK696Kt0aF_Ii4B-3V6dhJw_1o1_3j3U1DDyK-Hyc3zyxsiLl0KDSEIrW603zqGIbPNRdV8ZgIZfWh-444Jx0xGeDcmSWOsunDG0njkSAXKf02QxhK1ryAkwOuTj9bIg9ZK-JwBSRfjS3_YvewmPICT7i0W8PrvX5JWWH-J811JgMffZmJ-HO0dPcQw6iqQwE7Nk3Wwwl3jU8yog6HPmEdCxnR-_ShKuOH3eHgTqw27ZSLUCiGwzQqlKisrvySHDt_ggozzpuViZQg2J5gu44XyZSASQ-0_AxIvrgQhqeyjY0PWs_A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3489936
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7CC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7CC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 7CC8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 15 Sep 2024 01:58:03 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 7CC8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 15 Sep 2024 01:58:03 GMT
lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 7CC8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=eqwKl5adRTQLVUSji_4DwdAUzKBBCjJqLJ7LRXpsLrJ9t7TkFAVPvZmUZMu0yEWwIoI5Z7MRnwMRjUBGpvJtUIqpEsn44Bq3WhpVwuui95HeB14F8bZwtKcB2OsY_ScpK9NoK2k0FZQuc95AhkDXW7LvPrrn4yFN3PCs_xWpvJOM1OnbYYI4EFzIAF_P6gIWUCBis2DaZbNTqBLJgLTbhMN-6qfUcPAcPXiqRyNX5j8YAsI7EIlCdQOe4cz7kALDsEVaRRCFcoLNR3XxFzoMbenhKMN8ndOn2h6b1xH0bf-S-xBJyEzKoztUe3PaQFSJgxKCPXnFA3sP1DQ0PMkLyCSDmXQe3S45Z0NjGFNABy6-TCAadab9B4eViHtb34HZwrXsnwRDJXxE3q0k3PQodNDWtineenJcvtKMh0oiu0dtmx-G
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2986306
expires
Mon, 26 Jul 1997 05:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 88F1 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
extra
horizon-track.globo.com/event/ 		0
365 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/extra
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8ACanfLY3xW6Qdyq

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length
0
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1A32 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
614052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zs4iQv91EuRr11mGWfTc7O%2FbgR53K6tXL00qCVI%2FnFSuRf2501IHygyp6bDF%2FcH4AkGpIaKGT8IyI%2FkXvBXS3jEYsNfTXJ0mr62c7Qjz%2F%2FnU%2BWK6MoqqqlM2YuIzyWsdRZfqNCFal2qDeZUttOUiXCdt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809eb36e9ae024c6-ZRH
expires
Tue, 10 Sep 2024 01:58:03 GMT
truncated
/ Frame 4784 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5033293e256bb175ce2bc73ac163961a4ca34595815bdd67f702a5f74422d727

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
usergate.globo.com/ 		28 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
1b9e67bc1ba473352d144e6ba0aac3ddb281c94057a8292763044c5cc2a81fbb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fe4ffc21252283544f0ed52508407b5d5bc55b157f888990ef0b332c377074b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
641
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:03 GMT
d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 		1 MB
322 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8735102c115e4801631c78b33ef72f88325bc9de8c1f7546047f135b1d5e378

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ADPycdvZIUad9L_UkHYHUlSQ31PulstD2laSwkQMPhI93CGY6k92yl8OLDKj5h-1BbKYUqsIajoNzyROIxcn97KlrIZ627mMZt_g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 20 Sep 2023 21:50:29 GMT
server
cloudflare
etag
W/"259eb764bb3d63aef08308a1dd89072e"
vary
Accept-Encoding
x-goog-generation
1695246629271467
content-type
application/javascript
x-goog-hash
crc32c=fFRBMA==, md5=JZ63ZLs9Y67wgwih3YkHLg==
cache-control
public, max-age=900
x-goog-stored-content-length
349764
timing-allow-origin
*
cf-ray
809eb36ef8c601fc-ZRH
expires
Thu, 21 Sep 2023 02:13:03 GMT
st_1.520fa92da0cf447ab748.js
t.seedtag.com/c/ 		59 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_1.520fa92da0cf447ab748.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5032-5905-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc467050b657f3763d58946484d347427013193d33a3c1b691863a7af681fcd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
38154
x-guploader-uploadid
ADPycdsZupphRz0O2MJFMEcHkVrND_sSLilYP-jnZj5URjwfm2bW4wty7rgyf0lh4qIFWcOsZSld4fjiSNTo4h5RoNZxaqhEUabA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:21:58 GMT
server
cloudflare
etag
W/"c40f05c9334aa5142ea4586e07053c61"
vary
Accept-Encoding
x-goog-generation
1695223318486927
content-type
application/javascript
x-goog-hash
crc32c=r13Ygg==, md5=xA8FyTNKpRQupFhuBwU8YQ==
cache-control
public, max-age=5356800
x-goog-stored-content-length
17650
cf-ray
809eb36eecb101df-ZRH
expires
Wed, 22 Nov 2023 01:58:03 GMT
st_0.f0c68b402cbaf8d7f32c.js
t.seedtag.com/c/ 		312 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_0.f0c68b402cbaf8d7f32c.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5032-5905-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2361275d3847c9f3101c15f3ccc0b3ad251173b23d358a83906144fccce41d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
38154
x-guploader-uploadid
ADPycdvL7tRKEXU59aDx1t3S19IucX-c4K2wgj31UiY3ADWm7czxi2sP8u2n57jR2wWhfoc1D0TFgihGktblybCL82O-sPvquNNO
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:21:58 GMT
server
cloudflare
etag
W/"580c4b7ea2e71b87e8d4b90ee923b902"
vary
Accept-Encoding
x-goog-generation
1695223318450349
content-type
application/javascript
x-goog-hash
crc32c=nz6CEw==, md5=WAxLfqLnG4fo1LkO6SO5Ag==
cache-control
public, max-age=5356800
x-goog-stored-content-length
91577
cf-ray
809eb36eecb201df-ZRH
expires
Wed, 22 Nov 2023 01:58:03 GMT
st_2.3352459ac136ef579e69.js
t.seedtag.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_2.3352459ac136ef579e69.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5032-5905-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f9f9837acd92a73feaaf1c88bd9af3aaf8560aecadad021cc951f8fc3514e9b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
38154
x-guploader-uploadid
ADPycdvfUiGHkuGfybYco6k0hDHaTAfvCo6q3PvOWoombdYuWVbgnSCiH5_C5XFjy-K8aEg15UvfPqOJX7JCOlHox00ayg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:21:59 GMT
server
cloudflare
etag
W/"f4bbe4b5490c6e818ce81e014f1286ac"
vary
Accept-Encoding
x-goog-generation
1695223319515440
content-type
application/javascript
x-goog-hash
crc32c=ng/uoQ==, md5=9LvktUkMboGM6B4BTxKGrA==
cache-control
public, max-age=5356800
x-goog-stored-content-length
1858
cf-ray
809eb36eecb301df-ZRH
expires
Wed, 22 Nov 2023 01:58:03 GMT
st_3.d13be7e8817ed5c58f6e.js
t.seedtag.com/c/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.seedtag.com/c/st_3.d13be7e8817ed5c58f6e.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/t/5032-5905-01.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4cde7388b65183e8ea4a808e83cff86c0360f7edacba2611a82eedb75f9d9a7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
38154
x-guploader-uploadid
ADPycdsduG1Rip3ISkwtuwABjxPq-I5l2SGJpEyeYn5l1viKdqyoL-_0SC9LKIqSiLRg1TgwoyP2D6WBWHTQnZHVqGB5
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:21:59 GMT
server
cloudflare
etag
W/"889d6c11a46f6f3ac05ebc50406f68eb"
vary
Accept-Encoding
x-goog-generation
1695223319322654
content-type
application/javascript
x-goog-hash
crc32c=vs0ypQ==, md5=iJ1sEaRvbzrAXrxQQG9o6w==
cache-control
public, max-age=5356800
x-goog-stored-content-length
14328
cf-ray
809eb36eecb501df-ZRH
expires
Wed, 22 Nov 2023 01:58:03 GMT
pub
pixel.adsafeprotected.com/services/ Frame 139E 		452 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/extra.globo.com.dw.728x90.inter,ss:%5B728.90%5D,p:/138871148,85042905/extra.globo.com.dw.728x90.inter%7D&wr=728.90&sr=1600.1200&url=https%253A%252F%252Fextra.globo.com%252Feconomia%252Fnoticia%252F2023%252F08%252Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.147.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-147-142.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fee3af3afda2016dfbada8bdd0d8c9d948daadf457d013de360f1b80f4c781d1

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
server
nginx
x-server-name
app10.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
event
prebid-a.rubiconproject.com/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.21.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-21-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.21.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-21-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 21 Sep 2023 01:58:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pub
pixel.adsafeprotected.com/services/ Frame 8867 		452 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/extra.globo.com.dw.728x90.inter,ss:%5B728.90%5D,p:/138871148,85042905/extra.globo.com.dw.728x90.inter%7D&wr=728.90&sr=1600.1200&url=https%253A%252F%252Fextra.globo.com%252Feconomia%252Fnoticia%252F2023%252F08%252Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.147.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-147-142.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7659e38f6164f83d23c6eae6532f28680d542830ae2d7c1527f6eaac644f5652

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
server
nginx
x-server-name
app02.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2155 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
614052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6RzVC9m3TXCmTqVxq%2BLDfwCrQ1G73k7WMKv3RCyeylNfDFUZ7ApR0zC18RXm9%2BpyrzJ34q9AnWwhDQ5uzjKbFdNxu9GGMNjrLNNDQTUwdTmmHRDs7CLPy%2BNWCIZd4Ic2B0OuS2FCQri7PNcrh%2BjsD%2BH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809eb36f2b4e24c6-ZRH
expires
Tue, 10 Sep 2024 01:58:03 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7CC8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
614052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtEnK4zpRcUlfsygGZChiBecdDoe8ThwHBBajnlgTOVi9juWZOHN5J0iHkEOPWRp5rwRjm9sEAh8S8oTBaMtLVUI3QeqUgvCAqGb6iWyaCeaBncYSZHkDbiQFTQ58MUY281vx4JV2Xvspr8ToIzk74J7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809eb36f6cf801df-ZRH
expires
Tue, 10 Sep 2024 01:58:03 GMT
formats.js
ad.lkqd.net/vpaid/ Frame B7AB 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1695261483.cds215.fr8.hn,1695261483.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame CA68 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1695261483.cds215.fr8.hn,1695261483.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:03 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1695261483308080-403
Expires
Thu, 21 Sep 2023 01:58:03 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=469943902.27859651346241271.82109344
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=469943902.27859651346241271.82109344
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-q.4OjzBE2pm7koZu78ovuj7RhiMm7dZlG1hm3Q--~A&expires=5&ssp=vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=288a0a7b-baec-457a-b3a8-f6f3afd79784
43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=288a0a7b-baec-457a-b3a8-f6f3afd79784
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:04 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=288a0a7b-baec-457a-b3a8-f6f3afd79784
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LMSIWYU5-1Y-417D
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LMSIWYU5-1Y-417D
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:03 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LMSIWYU5-1Y-417D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
animejs.js
static.criteo.net/animejs/ Frame 1A32 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
764f46ed0012a3900512.js
sdk.mrf.io/statics/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=755
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9fa2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
via
1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Sep 2023 09:10:48 GMT
server
cloudflare
etag
W/"ef3afb0961b22b67b10ea1548e874ec0"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
809eb36fb80392b4-FRA
x-amz-cf-id
mmmLFpmGr3cx9trceQ8Y38RyREVAPDDLxbz3nFb8KEqaU9Gp00AfbA==
bid
ap.lijit.com/rtb/ Frame 139E 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cafd049c36286b37fb5d7d408427ab2fd8eff38a4ca6323d42cd3c2797a9a18a

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:03 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://extra.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
/
ads.resetsrv.com/ Frame 139E 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
prebid
prebid.media.net/rtb/ Frame 139E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8ab4207006c8dc5757446f16ca4f16aca5348442eb95c51482d6b29a7e17758f

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 21 Sep 2023 01:58:03 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 139E 		36 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=829174&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2275b090d9286a76%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22page%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2286fe6606cebb38%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22829174%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter%22%2C%22gpid%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91%22%7D%5D%7D%5D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febc29adb6a36579039f8665619d0e0d7f98a3e9ccf0ae54ce53c7825670d495

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5inSjDCwbC6pUqG5yCsI6%2FuYKQlhWA71ir3hDF7AphFYD2EMNrHyCFjB0L9RkU6uMoxYnU3PLv56sXjuBuFWYt6RYj%2FwgCRH8GgVA4sHs68btp4raCGDzA73f8pxuMQ%2BdtOv0m%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
809eb36fea3e23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 139E 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=853
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 139E 		353 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_crwdcntrl.net=df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91%5E1&rf=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tg_i.adunit=extra.globo.com.dw.728x90.inter&tg_i.pbadslot=%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v6.29.3&x_source.tid=4a05b7d1-be4e-4d96-94ac-7a409ea432a8&l_pb_bid_id=12fd2b658c70346&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter&slots=1&rand=0.30579406823616173
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1fcb40bd0ee69081c9d6f022ad62888e299c0206a11588a383b7520131c6e2e3

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
353
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 139E 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
87c967dc96e6b62dd519297dfb1c9aec9ee51eddecb8c229fdcd1f17b38fdf80
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
an-x-request-uuid
dd5ad3e8-92e7-41f0-b2a2-c28447de53d6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8867 		144 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f6642afc0e62a851e78c194362bb4811f62c864ca5a51f64d51e5725cc5027da
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
an-x-request-uuid
c31ee697-0c2f-4ac9-97d9-d235c2053841
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8867 		353 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_crwdcntrl.net=df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91%5E1&rf=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tg_i.adunit=extra.globo.com.dw.728x90.inter&tg_i.pbadslot=%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v6.29.3&x_source.tid=c60cc3a1-4891-458d-9275-dcfafb08062d&l_pb_bid_id=4e6415435b941a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter&slots=1&rand=0.07142453028719054
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
94c9f5c82eebb0284e8df15ab44aac7bc6dbcff7a95e471cd1fff2d5bbc643c1

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
353
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 8867 		24 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
266e99197c431b0667b41f42bfb2da61c22578cab25fdf3ff95184f9a0aec416

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:03 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://extra.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame 8867 		36 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=829174&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22750a69a5673016%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22page%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228707a5509307c%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22829174%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter%22%2C%22gpid%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91%22%7D%5D%7D%5D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b8b6d92edf79322415ef0d76ce69682b76757ed798fb463d725a94177d4ab27

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlP4BmS4KTgmFIA8UL%2B9tj2KoulY3naKiNfpuFsMmVQBRnMup0PRafAd9%2Fj2cOQqDREZnxuJZycrZr3WNBIwr9lTi23xnEe2fDW4pyTr5wri7eQ6cYg73oRgddIVKZVpQk3tm9Ko"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
809eb36fea4e23c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
prebid.media.net/rtb/ Frame 8867 		1 KB
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
949f7e77db8af218cc9a2a24860617138c696e884a2da8f78678a8dd7e3586a0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 21 Sep 2023 01:58:03 GMT
translator
hbopenbid.pubmatic.com/ Frame 8867 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=575
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:02 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ads.resetsrv.com/ Frame 8867 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.55.50 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame 2155 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2155 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=316&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=1276&s=DcI3McaejegyzXcBClqPzToq
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d56d7a955eee9a8d687c0a8d9c863577b6911f8101e78eec392ba892106b60fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/png
cache-control
public, max-age=31104000
content-length
13494
expires
Wed, 04 Sep 2024 02:02:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 2155 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FPCFDAY.jpg&v=3&w=800&s=e51Gibp7UuvT6Uu0HVtRPiru&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
92ae5887ce830efd6f0ea7ac811880b7d909eec40634f71b4599c20bde930766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
49862
expires
Tue, 10 Oct 2023 09:31:38 GMT
all
csm.eu.criteo.net/ Frame 2155 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=IIIHpnKe1Ktls8WuMgyU8otKB-Y4WUHrXmrxZOiUCqLysmxiIrsX79NRUWoH63uDMHHuZBub7PAkh3RRH8yIfnBIJ5ASISYWHHueNAgMyISRR7tJSsh040TP8Z5tjVr0QEZ5py_LhSTXwLZvZ6mcpBOFUIokgPo88cLVWbfTqya7WvpvaUgl6n0FJSlGoyHOiLdS_8X9KXxkI0qnqWuvuTvoOZlfPXBNLMWFFdIpxMHbmPxggQIQrKzw5hu_mNswINYlJQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2155 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2155 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
i.match
s.tribalfusion.com/z/ Frame 488D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENbHhYfV1S0FZERjYV5NaXo&google_cver=1&google_push=AXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENbHhYfV1S0FZERjYV5NaXo&google_cver=1&google_push=AXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5...
43 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENbHhYfV1S0FZERjYV5NaXo&google_cver=1&google_push=AXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
809eb3723e1f0211-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2440
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENbHhYfV1S0FZERjYV5NaXo&google_cver=1&google_push=AXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSU3R6GUdNacZXB1VdWpeXgrm_bxmalvpAf5YKU_Uds1Dx-D8-K8tKZoooYWJKzWkkhisLVQNwhGjXhPvJO9bnCUk4D2X5E%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
809eb370cd320211-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 488D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlF1akt3QVI5VmMyclFBYg==&google_gid=CAESEN593d5qBmvoNPP4aCW2lPw&google_cver=1&google_push=AXcoOmQx_RJbAqWZj9hjPju7cJnnhmfELW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlF1akt3QVI5VmMyclFBYg==&google_gid=CAESEN593d5qBmvoNPP4aCW2lPw&google_cver=1&google_push=AXcoOmQx_RJbAqWZj9hjPju7cJnnhmfELW8RryC-bgEllCUWnSa7PSyl_U1ZNak1MiludkX0HjlJYG5eDBBe3ksY9aREOYqnuXiwIg
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695261484.552827,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlF1akt3QVI5VmMyclFBYg==&google_gid=CAESEN593d5qBmvoNPP4aCW2lPw&google_cver=1&google_push=AXcoOmQx_RJbAqWZj9hjPju7cJnnhmfELW8RryC-bgEllCUWnSa7PSyl_U1ZNak1MiludkX0HjlJYG5eDBBe3ksY9aREOYqnuXiwIg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 488D
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEJmajg5An6o7m7T0LbFzMvI&google_cver=1&google_push=AXcoOmSVppdlZOM2u6F91aN75DZ2M3zuWtz_I0ueSbCKBLe1wODFivO3D7VPHhJtWlNp2tIfc1NghjhuSRtBvZ7wxMUvLCGdv...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=830157082853
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=830157082853
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=830157082853
content-length
0
pixel
cm.g.doubleclick.net/ Frame 488D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_hm=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&google_nid=index&google_push=AXcoOmRgCk8qpp9cL0bqLMC-FV7jYbKyzNfYf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_hm=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&google_nid=index&google_push=AXcoOmRgCk8qpp9cL0bqLMC-FV7jYbKyzNfYfhIRf1wRr8Xu6GS7lrXe1PkX-e1CJEUs3mtZyRqa7kPsEos_tN2xZnmrra9AC-ITBQ
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqnSoewc6E7TLPY44CxQFI9F4YSRJ9S6mbJjpW%2BJIR%2BJbZcH5737rArLwCkFNx8oioHs3Ij7fui98zLBiR2tq%2F%2BtxxKsKHFLO8g1C%2Fa9GXE4QWP97LaLSoKfLSli%2FxrmHi8t8Jq%2Fyxj%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESECq5sWTaIFJPfK0UqXIPUnY&google_hm=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&google_nid=index&google_push=AXcoOmRgCk8qpp9cL0bqLMC-FV7jYbKyzNfYfhIRf1wRr8Xu6GS7lrXe1PkX-e1CJEUs3mtZyRqa7kPsEos_tN2xZnmrra9AC-ITBQ
cache-control
no-cache
cf-ray
809eb3702c3d24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 488D
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDx9Fz0TpX1YsU8OkPbEKSM&google_cver=1&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aO...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDx9Fz0TpX1YsU8OkPbEKSM&google_cver=1&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aOzvpVxTu82SoCw&google_hm=HWxWpGZH8JLneMwdQJ2j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aOzvpVxTu82SoCw&google_hm=HWxWpGZH8JLneMwdQJ2j3lGK
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 21 Sep 2023 01:58:03 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmStEaS5W5Nq3DAkhybP3MiUlmNVLl5r-nWd2fWmS7LFVF3nTu_dAiE6i4Bqm13pad5k57nAma_XsXiAA95aOzvpVxTu82SoCw&google_hm=HWxWpGZH8JLneMwdQJ2j3lGK
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
cc.adingo.jp/adx/push/ Frame 488D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEB7ngo7mggiM8-c4_3kyN_8&google_cver=1&google_push=AXcoOmR5vyTPsjiQHTeRnZxLWUzokBUdzur-gRMkRr76Gcg4sah4z_-hX-4aocQjR1HrUFcchNf7f_1sTUjLTbz70VzQvjKRIfUYHQ
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.182.181 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-182-181.ap-northeast-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
awselb/2.0
report
sync.teads.tv/um/ Frame 488D
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEFZHrgrAbSQK...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGI5YTFmOTctM2E4OS00ZDFhLWE5MTktYTJjMTNjMGY1NWNl&google_push=AXcoOmTlfSI63k6xP7qI5W6AgLMsE9vsJ30PKNKOPh-ZoLrfPKJY5w4Vu3Vs2slP4Lq7b...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Thu, 21 Sep 2023 01:58:03 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 488D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1gcIGvaUpPQUpBl9dLTFspgFYatF4xuq83AANfMSnQbe1X-m4S27lqz-8XH9ZTxtcYw3p4Q
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 8181 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPa64mheOQ9fCRJKpu9FLwg&google_cver=1&google_push=AXcoOmTYsohge23-iGoMdq5gjT3wgFIVYWK-THhMP_LcPZVMXsC1NFEbRKuHOF7OzFspCCmFalfvC-HW9wsZNbQDIhRu0UScdXAv6g
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8181
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_cver=1&google_push=AXcoOmSdJCOzzd3o3uoWLJsB2H5sw_SVQjIBKmsFSIhva5rrd7GQjYw...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=326850fb4a8b24a4&is_secure=true&networkId=14000&version=1&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_cver=1&google_push=AXcoOmSdJCOz...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIVRMx2uWJLwNDY4lGAAAAAAA&expiration=1695347883&google_cver=1&is_secure=true&google_gid=CAESEOLB_z326ITh_wfbSXGfM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIVRMx2uWJLwNDY4lGAAAAAAA&expiration=1695347883&google_cver=1&is_secure=true&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_push=AXcoOmSdJCOzzd3o3uoWLJsB2H5sw_SVQjIBKmsFSIhva5rrd7GQjYwL2MPBjkz9MjXbX8I7rpKTB6WTuyoO4tuTlRxbQpc-wJW9
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIVRMx2uWJLwNDY4lGAAAAAAA&expiration=1695347883&google_cver=1&is_secure=true&google_gid=CAESEOLB_z326ITh_wfbSXGfMZA&google_push=AXcoOmSdJCOzzd3o3uoWLJsB2H5sw_SVQjIBKmsFSIhva5rrd7GQjYwL2MPBjkz9MjXbX8I7rpKTB6WTuyoO4tuTlRxbQpc-wJW9
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 8181
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ_6rJ-WvPa_EUkNo7spgNc&google_cver=1&google_push=AXcoOmS7S8a3pAhgwjGKby3A5fyRiMQB-O3ACbO-vpRB0o4spoWZZ77Y_eeDSOf-9jIETIysMLEWOW6FjK7acmpO...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cXwiO9KnRS0XYb40X1D4dQ&google_push=AXcoOmS7S8a3pAhgwjGKby3A5fyRiMQB-O3ACbO-vpRB0o4spoWZZ77Y_eeDSOf-9jIETIysMLEWOW6FjK7acmpOGijQddqo-rhFbw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cXwiO9KnRS0XYb40X1D4dQ&google_push=AXcoOmS7S8a3pAhgwjGKby3A5fyRiMQB-O3ACbO-vpRB0o4spoWZZ77Y_eeDSOf-9jIETIysMLEWOW6FjK7acmpOGijQddqo-rhFbw
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=cXwiO9KnRS0XYb40X1D4dQ&google_push=AXcoOmS7S8a3pAhgwjGKby3A5fyRiMQB-O3ACbO-vpRB0o4spoWZZ77Y_eeDSOf-9jIETIysMLEWOW6FjK7acmpOGijQddqo-rhFbw
x-host
tde-deliveryengine-production-78865f7dd9-dx84c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8181
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBAUlEKlbFFzzdz02oV6cUQ&google_cver=1&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBAUlEKlbFFzzdz02oV6cUQ&google_cver=1&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78m6RVS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78m6RVS
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS0zELZ_QPGcpHevYQt9XLqnojuUQM0R6Q5WdSqhp83sviXXyZR3PhTIFvACm48Xo8zMlt8ybIIIEnEgZ38_VKdn78m6RVS
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8181
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOCbSCcb3tlB8at7d-tEdBg&google_cver=1&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vT...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOCbSCcb3tlB8at7d-tEdBg&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vT...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vTuuJosX4rTb_gmygkw&google_hm=UUZ4eWRzTjVsUGVfUX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vTuuJosX4rTb_gmygkw&google_hm=UUZ4eWRzTjVsUGVfUXJqQVNHTlQ=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRjd7qmB5mTcf2FgbatIxBLf5OLSoHlKDJWRxWCMQ42SsGWNL7Lg5RuUJORYEXIjCqE3_BVhfmK_J6vTuuJosX4rTb_gmygkw&google_hm=UUZ4eWRzTjVsUGVfUXJqQVNHTlQ=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
238
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8181
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDvUqvs6n3JY1l44YQaptok&google_cver=1&google_push=AXcoOmSdiYztydmJ__nBN16A_byYENDQCoadrALQkdxtlUN4lWR2bNZPVpCPVWCl0sLoPDrYC6BmYEeOP7I04Ds4...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=20e766a60e&gdpr=0&gdpr_consent=
43 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=20e766a60e&gdpr=0&gdpr_consent=
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mspgzBzodO5OTQIvPmXaQTpztdYvzvzYen1XCb2M2kljXsY98pF2GujigbctwQ07Da4lrboVFyiYB26f7ozqh6AT0eminzhMljjMEp85SEgd1NpAdhtF0PN%2B75iXtgXLCIgkpBBPVTjDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb3714d7224c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=44&external_user_id=20e766a60e&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
K5-WCG63HfhhajmsxW5nMRTfwnGA1XuD83hoTpO88iTsj1vSObA-ow==
pixel
cm.g.doubleclick.net/ Frame 8181
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC6YPmjQ_rornV9hr29z9mo&google_cver=1&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7_...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyNDM4ODE0NzEwMjgzOTE4MzkxOA%3D%3D&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyNDM4ODE0NzEwMjgzOTE4MzkxOA%3D%3D&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7_Ymw
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyNDM4ODE0NzEwMjgzOTE4MzkxOA%3D%3D&google_push=AXcoOmT4RPGSg-XATHrsbgeJPKdqj251Yz8ubaYkiLnaU1rVvOBpxL64hFL8HeDAqrOsvrzTpaDLP8rdX9a9XysVvPFyZ5mTK7_Ymw
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 8181 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LehAhjshNRx2Z3WWmAzcVu6ymaqqh1AyAD_OJcjX97YeHleW_SFoSXTa9XljaMQyv0UkVA
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
animejs.js
static.criteo.net/animejs/ Frame 7CC8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7CC8 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F27e396689d854f96bffb4f1c353d44d6_digicomp_logo_white_criteobanner_cta_square.png&v=3&w=196&s=u8RH3PKCv7sSdfjEnivknYad
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/png
cache-control
public, max-age=31104000
content-length
10545
expires
Wed, 04 Sep 2024 03:43:12 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7CC8 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FDAXDAY.jpg&v=3&w=400&s=UzY5GMwrXjiQSkZpxWsn1GIn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9ae2173cd9f5fe1c855291382ba6e6e65db8880ac992e6ae5cc7092f4eca5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16196
expires
Wed, 11 Oct 2023 04:10:50 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7CC8 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FA02.jpg&v=3&w=400&s=iz4_IhT-23ldv0WqXrXciIUt&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
14514
expires
Tue, 03 Oct 2023 06:25:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7CC8 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FJIRA01.jpg&v=3&w=400&s=Es0PVHeazuFBjpUt6AsaSK3W&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1695ac5d61f4e05a6954db52f7ab5b68c9e9753a710b71e5e2e2c62e06d523e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
20848
expires
Tue, 10 Oct 2023 09:07:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 7CC8 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FPAIDSM.jpg&v=3&w=400&s=QqtzY4JFpfL2ppWcqUMkwdrH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d4ba3dae77e5ef843925296c5ffc8a16425fca23e2bf75680640c24e6083209b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
16574
expires
Tue, 10 Oct 2023 09:28:07 GMT
all
csm.eu.criteo.net/ Frame 7CC8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZbabOXKe1Ktls8WuCLlu5IKT0_oyGaTBo43-l5AS2N4J05QQfi3HJGZzdBWY2e9SCLAAgcs-MD4Niq7WRQreCiQik0vQyC7e1_ujV2dxgsT8_FAESIrIBez4LWJZaoT0dO3knU3Imhev1TRAocIAJ7SOeHZR7-CTLMeg5AdRotwvp_srpqzvLHBXLdrmf8spznEYQTSQwdPNxEwuGTYD6iKIBCp32saf2JQ5f-XdpWbKe8Djt0-vaptrO2X9DILyDV8_TQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7CC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 7CC8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CFC1
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:03 GMT
expires
Thu, 21 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
581346
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 97EE 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDB499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QQB8WEYQY75KCHE2E34J
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 442D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tJm3rXkXSO6sLFndktSOMw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=132163
accept-ranges
bytes
content-length
5606
expires
Fri, 22 Sep 2023 14:40:46 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 442D 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.14.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-14-223.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.195
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 442D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=913059497
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=913059497
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
via
1.1 google
last-modified
Thu, 21 Sep 2023 01:58:03 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:02 GMT
via
1.1 google
last-modified
Thu, 21 Sep 2023 01:58:03 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=913059497
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 442D
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWNmNFliaXJ4ZWFSRDZNYW5IUGZFbFk2Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1945593063401236011&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
52.4.190.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-190-58.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 21 Sep 2023 01:58:04 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 442D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQ5OUI3QUQtNzkxNy00OEVFLUFDMkMtNTlERDkyRDQ4RTMz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 442D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJn7wKdst5utB-0ZCY8Qby8&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJn7wKdst5utB-0ZCY8Qby8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJn7wKdst5utB-0ZCY8Qby8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 442D 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 20 Sep 2023 01:58:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 442D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1945593063401236011
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1945593063401236011
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1945593063401236011
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 442D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 88F1
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LMSIWYU5-1Y-417D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LMSIWYU5-1Y-417D&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LMSIWYU5-1Y-417D&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P5AMQR55C4XNFZSCZDKC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LMSIWYU5-1Y-417D&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6905 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvScZwbNYaAyeLXqV2Bv_hyNbkDGiPNOJPtw_3kT29wpVNdlGgkIokYdvSXeo6TeYdXw-0WVBTS9QIydNk54hsPV1axNCNcfWgQVNmHJylrF5lfKq6nDPQtF5-d6j_gPIx0CKL0BHsBo6iCjvAlIumkqzSLI7LTqNDJsvKQowWD0t5QdH_4EQBTNQPzBHfevvCIQNM3V39mHmTFEeoZWBz3wcduTJzsvvGN8bXHE8ZH_RBFXvUIwQ9LQ5AEcfBdjYi3OXMn4uO2ffXOyFOVa5OhN-3L4xosd-ejEsCN2ExEarJRzMW4Dn2I_VMCCK2-KxvAraIahxLA1h54QMYzymweeZ4ES6vViqw&sai=AMfl-YR4LmF2wlbYOa2wo2e_XI__d5SLZ0qO-oqyZ0Ah9T9f3iPKiEJKzl1oFRdbDYbIEpJWyTETasGt-uUMFRol04bFQUT0GqsLEv_whiwaxpfbJLmQFSoteVJUcop1tcfc4A&sig=Cg0ArKJSzFhXr3rzdgfwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 1A32 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=596&s=Omu0_H6q0J5q0j5K7E8TwhAQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2c0e4ecfb4e6db6ee32bf8888a21042471c255622e5f345b94074e0800f43df1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/png
cache-control
public, max-age=31104000
content-length
11737
expires
Wed, 04 Sep 2024 02:02:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 1A32 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FSAPG.jpg&v=3&w=400&s=XgSFVJC6tSNxQi3-9WAdBH_c&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
209502d853832f09e6438a5ddedf4756c0aeac592ff5c9a59cc09817fd322e36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13588
expires
Mon, 09 Oct 2023 13:06:46 GMT
img
imageproxy.eu.criteo.net/img/ Frame 1A32 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FMEPQPP.jpg&v=3&w=400&s=zbQ31TLuy4s0NShHWMPEIWAF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e11357dc19f6078157349e7fcfe6019a9ba8310cbb74cb61a68a4401dc53fb22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
time-allow-origin
*
content-type
image/webp
cache-control
public, max-age=2592000
content-length
15764
expires
Tue, 10 Oct 2023 08:36:26 GMT
all
csm.eu.criteo.net/ Frame 1A32 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=n19chnKe1Ktls8WuZmzyh-_nlRyF0FaS1XkB5EppJO2pe_ecTZe27-Fo8a4Sz578xnfK04nKfjWus2A3YnZQaBTOxak3laqfZ_4UycASFqG8QeRlYBMZAD05a79RnHvGri7sWNFmqcK66Z9fB3yyUlUCK1vblSvK1bY9Lt_KbCC0a2kaS-xehnagTXO_pgDo5lkuZtdm03ImwlTO5DFIDnBJn9NMb1Q3kbVYKFZHOKw6LrLvBnP-V7B1W9V8BTr91P9J7Q&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1A32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1A32 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 15 Sep 2024 01:58:03 GMT
/
usergate.globo.com/ 		28 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
1b9e67bc1ba473352d144e6ba0aac3ddb281c94057a8292763044c5cc2a81fbb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
truncated
/ Frame 7BDB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
caecbd6ee40f98d71b34025e990f1ded5e91f2030725b14f27ad056185615c28

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7B0F 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
081cc38e56991b93304e5475c735e842120abf8396be9e481766d518220300a0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 88F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1TSVdZVTUtMVktNDE3RA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPlypyMwRK2CoO4ynsV7T_M&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVdZVTUtMVktNDE3RA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVdZVTUtMVktNDE3RA==&google_push=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1TSVdZVTUtMVktNDE3RA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 88F1
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Vf_WkBSuQIC11VJ685TL_Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Vf_WkBSuQIC11VJ685TL_Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Vf_WkBSuQIC11VJ685TL_Q
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MD9J56BEEJF8Q5MVXY6C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Vf_WkBSuQIC11VJ685TL_Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 88F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7S6KxaHBQnYhXjvNsRHymcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-74A43vZE2oJ0amiAPAUni8_6kXVm7uBjYWn0ng--~A
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-74A43vZE2oJ0amiAPAUni8_6kXVm7uBjYWn0ng--~A
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-74A43vZE2oJ0amiAPAUni8_6kXVm7uBjYWn0ng--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 88F1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=r1_JxbjZTD2uuhDYW6UUPg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r1_JxbjZTD2uuhDYW6UUPg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r1_JxbjZTD2uuhDYW6UUPg
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SXR6VRB4KNZY13R8RPCG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=r1_JxbjZTD2uuhDYW6UUPg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 88F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFR-Ohe76icz9mWfJWVDVo&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFR-Ohe76icz9mWfJWVDVo&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFR-Ohe76icz9mWfJWVDVo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 88F1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 88F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM1YzhhMTUxY2JiNjVlMjk0OGFjZWQ4M2JlYTk0YWZiMjBlM2RjZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM1YzhhMTUxY2JiNjVlMjk0OGFjZWQ4M2JlYTk0YWZiMjBlM2RjZA
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWM1YzhhMTUxY2JiNjVlMjk0OGFjZWQ4M2JlYTk0YWZiMjBlM2RjZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 88F1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIWYU5-1Y-417D
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIWYU5-1Y-417D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_n-sharethrough_n-LoopMe_pm-db5_rbd_smrt_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B64B7BC96F4F447E88C2324B3A739692 Ref B: ZRHEDGE1817 Ref C: 2023-09-21T01:58:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYF1NKQ3m7U+aYBqhuUZQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMSIWYU5-1Y-417D
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.html
ad.lkqd.net/cookie-sync/ Frame 8A43 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:03 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261483.cds215.fr8.hn,1695261483.cds226.fr8.c
ad
v.lkqd.net/ Frame B7AB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=23438530&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
5d23de1a1c532a046b9e5a8780d834d300e899ab8e67cff75c4de8b1e9268620

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1519
usync.html
ad.lkqd.net/cookie-sync/ Frame B254 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:03 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261483.cds215.fr8.hn,1695261483.cds226.fr8.c
ad
v.lkqd.net/ Frame CA68 		180 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135548&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=34955522&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
adview
securepubads.g.doubleclick.net/pagead/ Frame 4784 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COT20KaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoErQNP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OMLuX7qOaduizwg8ReQ91ocKmai96SRKIQSQzXA4ETZlTUETL6nNqrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODgyODU4NzE0OTQ3MzQzNxjh8yA&sigh=W69Yx3fw1zo&uach_m=[UACH]&cid=CAQSTABpAlJW0cjJGhFHppKKzLSDj-PR-Tc1XEsGY8qMx1GTJTo9jImAIS5pP7eIdB8S0WeLTOetTkuSMTMr1CatqPByzuK3tBaTfWYZH4AYAQ&cbvp=2&vis=1
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 4784 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFuyuBKwC-gGdg2ICAgAAAEv2DEX3AEGzPQQyHoGxGYkQKaMLZckw3MwUmcjB7nwAABIAAAoKQVFVQkFRRUJBUQ&wp=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&cbvp=2
Requested by
Host: 098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
123903
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7BDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSFQ1KaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBKoDT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblNXv_S9CtH4nEEMmSd29Vl8aCTtZaTCweKY2YoH2Av1fagyTx9KW4AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg4Mjg1ODcxNDk0NzM0MzcY4fMg&sigh=uOg4f83KbT8&uach_m=[UACH]&cid=CAQSPABpAlJWHLEsVwkZQ-hzM6cj3drOKCfxCyHxM19GS-uGDj3x9Do1arGYGHBEBp7eQx29PFOwOpV9o5hpzxgB&cbvp=2&vis=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7BDB 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFoCiDoAF4AOdg2ICAgAAADA5R68CXaY_PQQyHoGxGYkQKaMLZVDHrJhCmsjHqewAABIAAAoKQVFVQkFRRUJBUQ&wp=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&cbvp=2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
152867
server
Kestrel
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7B0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAZORKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSlA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFwza29AK9peoRN2VfHzzAD5uzsXk2m1rC77pvY9dMGJOYrCkcwQ7gBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODgyODU4NzE0OTQ3MzQzNxjh8yA&sigh=BKNxe6JCziI&uach_m=[UACH]&cid=CAQSPwBpAlJWlSz7jOtNA2SLKGa7Vjpctux3G6X1Fmq9QqKQONFh0C8c5br3OFsoWMFHEMkHaBLJAc1uLNB-9WQD8BgB&cbvp=2&vis=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7B0F 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFs75RKYJ-gGdg2ICAgAAAEv2DEX3AEGzPQQyHoGxGYkQKaMLZeu--DzgrmME5gwAABIAAAoKQVFVQkFRRUJBUQ&wp=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&cbvp=2
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
139863
server
Kestrel
content-length
0
pxid
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
883534e5d9bd80c27d2ea791702399b34b7ab9e83d0765197b5aff946b1f6fec

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		29 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8283be909d0cd1883acc49c036613505798108e33ab28d05c5e5184757cf8ef1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
an-x-request-uuid
5b0789e7-d88a-4428-97d6-cb74f26d24f7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 139E 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
date
Wed, 20 Sep 2023 05:34:29 GMT
x-amz-cf-pop
FRA2-C1
age
73866
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
KMCPTdQTO4ebHPFbx8daLBEppMeQgI5Pn3A8EsoackQ1Zm0LDENspQ==
json
trc.taboola.com/editoraglobo-extra/trc/3/ 		75 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-extra/trc/3/json?llvl=2&tim=03%3A58%3A04.083&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2287535%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1695261484078%2C%22cv%22%3A%2220230920-27-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22vpi%22%3A%22%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6687%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cd%22%3A3610.41%2C%22mw%22%3A648%7D%5D%2C%22rtui%22%3A%22gsK0we6IbzK1DIKjuRX1hnk0k1M5NZV6%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1695218190887%2C%22wc%22%3Atrue%7D
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e6a263dc460cbc352f680902f930c20068fb732aa980375d99a16bea01ba96e

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
346
date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.32645833333333335
x-fastly-to-nlb-rtt
59096
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1695261484.104285,VS0,VE346
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8867 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
date
Wed, 20 Sep 2023 05:34:29 GMT
x-amz-cf-pop
FRA2-C1
age
73866
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
LnQCuXqxF-MItjFtFKJ94VZ0UI8Jg_s2nfkjzFwmD5pC7TEjXfnW7A==
27896fb3-0be2-4ee0-921b-42f190a9f222
https://extra.globo.com/ 		732 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://extra.globo.com/27896fb3-0be2-4ee0-921b-42f190a9f222
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3bae0c2f78e57fd2a649e203b03e2ddf1f89b0cac077d08aebce5d0afda9022

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
749180
Content-Type
19d2b4ca-27b0-4916-8460-008442287d75
https://extra.globo.com/ 		732 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://extra.globo.com/19d2b4ca-27b0-4916-8460-008442287d75
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3bae0c2f78e57fd2a649e203b03e2ddf1f89b0cac077d08aebce5d0afda9022

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
749180
Content-Type
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/764f46ed0012a3900512.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2482a52b9d28afd071c091bfccf3512ae6027dbbf0fdc2d6428339d8f8a05d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 21 Sep 2023 01:58:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 139E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspwr6qWbESs1QZNg62HvugSH_fHdhA1BaB_NGytYqg7XuZthhaop69B2HxqgjieWpPQMmFFw1GPXucxJXLKwURhsxP6GPIW3gL5Ct9T3iOlstoc3VAVj9_l1kSrbnnnM1J0Z1MjFqg7f0NwCrLSLE_wG5GvbWJQau_KEtFkaKjtiBgh8iAtnfuPifOZB5dAO07Js_pd6SJh36ykWrtOoyp3isb4SKw27SuPFnCTYTTsXP4kPQQncQtoga2KYY_SlyAs_bYDgBs-jZfjpiZcp2VbkYK5EDoznelg0LuI_z4SolzgGY6UACD6J5wlV40l44DtLRJLRJxAmIDCshDM_KU9lhkF-HPLt_gkEM&sai=AMfl-YRX7jKz9yY3rgawdw7z5JUZVFmvixGU0ZYF3fPY4DdfFVI6hkfXP-EQeQSsA0v92jnzfwjaCDyTeRy7OLImF4GFjwdq8hXDqEJxJNER0BJeMX6cPe3LKQwIrYf7sWw3JQdz8N6Buz8SkOciaRs&sig=Cg0ArKJSzJdLtbqCMVwDEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8867 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2RN9YsR_8GlTAPfZr9kvs0ixpZn1vXBN0_8t0m5QBoSBHY4s3AlNp7wa38LupyK0SJinCDFY-BiZTG1Xutv_sb_bFgyUgE5kox6DEom2hFz88Q3GXdVOFTukkISqgAiKnrXvxKCg5gSqYJzpbE8hbixwxT_uoz7PtKnL3ojtlor5GCp_1L7b6cAd3b-4KVC9aumtJNmmOBy10hwobGMnIVdiEmy_gu6TADLFanj0W3VjmfrpHFyXr3byEkHQ-ZpVCEkovI4yyA1ByVLukvj1QFjuAH4DK0YpGZoFD6TIR3KqIwGjGMLJbc_7i-kd9aIXi9CfwzXz1VUSj0j6jQ78hPiOzd3ym1XHSFhY&sai=AMfl-YQAqBWqPcQ6NQt-Kta4ncThxkcUcX0DuIY9q5sH7Navw4h8y5w33fME4XCF4CRtAnaa-Jf9ZHQHP7qaO1J_XvBHk5fthbDXlgMqIldFJYjn5qMWJJTXqVqFYPc_w80rxEvLfwdk_QQiQF7DpIYE&sig=Cg0ArKJSzPZHqOpzH6-GEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:04 GMT
geoip
api.permutive.com/v2.0/ 		248 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b2c7e723dc804c4a2c35867be16851d8433f68bd665b4ead4d52246bc31567be

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
cs
cs.lkqd.net/ Frame 8A43
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
date
Thu, 21 Sep 2023 01:58:04 GMT
server
_
content-length
0
lkqd
event.clientgear.com/cookie/ Frame 8A43
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=obNhX_SrEj0
0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=obNhX_SrEj0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=obNhX_SrEj0
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 8A43
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=CLOiGAY-0Us&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=309101d0-4e22-43b7-98bf-8e715ecf8753
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=309101d0-4e22-43b7-98bf-8e715ecf8753
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:04 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=309101d0-4e22-43b7-98bf-8e715ecf8753
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame 8A43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3666276997469608364
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3666276997469608364
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3666276997469608364
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 8A43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
Date
Thu, 21 Sep 2023 01:58:04 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 01:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
501
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 21 Sep 2023 03:49:43 GMT
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
x-openstack-request-id
tx17f08eeea22740968606f-00650ba2d9
last-modified
Tue, 27 Jun 2023 00:08:13 GMT
x-thanos
0AB24047
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1687824492.72874
cache-control
public, max-age=180
x-trans-id
tx17f08eeea22740968606f-00650ba2d9
x-request-id
6d666298-cb3d-4e80-9ca9-7b2efdde7480
cs
cs.lkqd.net/ Frame B254
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
date
Thu, 21 Sep 2023 01:58:04 GMT
server
_
content-length
0
lkqd
event.clientgear.com/cookie/ Frame B254
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
  • https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=BfznZwFNGac
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=BfznZwFNGac
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=BfznZwFNGac
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame B254
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=WQJ2B5MVybY&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0401c18a-cee0-41dd-9bf6-05f3942e0e3f
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0401c18a-cee0-41dd-9bf6-05f3942e0e3f
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:04 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0401c18a-cee0-41dd-9bf6-05f3942e0e3f
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.lkqd.net/ Frame B254
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3738334591507536300
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3738334591507536300
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3738334591507536300
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame B254
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=1S6dFtTSV3lGVnbORI-b58POaYM
Date
Thu, 21 Sep 2023 01:58:04 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
pv
s.seedtag.com/c/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/pv?token=5032-5905-01&device=desktop&fullUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&cache=1695261484186&v=-&ft=true
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
a743839274234d4c26f8746c0fdccee37aa13d04b39cd4979de17ee94e02dfd7

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
via
1.1 google
server
openresty
etag
W/"f0f-BIJil7ZKQqUzjI0KcGdv9WgFFjk"
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
cdn.permutive.com/models/v2/ 		112 KB
79 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a9e7d891db96cb0dce94a888f6a8a466472682f4142455703a44c75d9f734

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ADPycdtm1A0RjNURuHh9cA8xGAlf0XF1pryw4lu4NUVhGe4q0xGicnoxUaIm9OxZDKf0I8LLVlPot_RcwNIdKWW6CJcBV5Bs0zo6
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
80328
last-modified
Tue, 19 Sep 2023 12:41:52 GMT
server
cloudflare
etag
"2c9db34d682e6c0db2d14f5fa3aff773"
vary
Accept-Encoding
x-goog-generation
1695127312209182
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=krKalg==, md5=LJ2zTWgubA2y0U9fo6/3cw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
80328
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809eb375ad0b24c2-ZRH
expires
Thu, 21 Sep 2023 01:58:04 GMT
identify
api.permutive.com/v2.0/ 		50 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5a345ccc6b2609cc4b224276077a6431d8c4c69e3f8f92798cfa05efe0870c6e

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
destination
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-WE4K4RF1F3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPMBMXS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a79f9c96605d834f1f9150388ca2def865f8d2b4e04e441e48ecf8872fd40cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85621
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 21 Sep 2023 01:58:04 GMT
t
t.lkqd.net/ Frame 9701 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame E1B8 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1695261484.cds215.fr8.hn,1695261484.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
www-widgetapi.js
www.youtube.com/s/player/f130aa11/www-widgetapi.vflset/ 		210 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/f130aa11/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4cbcf052edc16dcdf7e674e4e0dff0a86b81610b4143237286cbdec2c1d560fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
3334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66136
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 01:59:24 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Sep 2024 01:02:30 GMT
quant.js
secure.quantserve.com/ Frame CB75 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f0c68b402cbaf8d7f32c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
etag
"6ioqmyHWSWLYz5hkRjy8Uw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 28 Sep 2023 01:58:04 GMT
t3m.js
tags.t.tailtarget.com/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f0c68b402cbaf8d7f32c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:26:27 GMT
content-encoding
gzip
via
1.1 google
age
5497
x-guploader-uploadid
ADPycduu53gSJz-btA-jPfDDNwswX9VH9599CNrYIMMOkI2FI-oXDsY8pGDF5_XAyKj4YsjbG_BIv4g0Zhgxwc12Jl73NacwHxLX
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7679
last-modified
Thu, 17 Mar 2022 15:35:15 GMT
server
nginx/1.8.1
etag
"ad2f9abb7bbec08e62cf17d0cc7d9125"
vary
Accept-Encoding
x-goog-generation
1647531315191220
x-goog-hash
md5=rS+au3u+wI5izxfQzH2RJQ==
content-type
application/javascript
warning
214 UploadServer gunzipped
cache-control
max-age=7200,public
x-goog-stored-content-length
7679
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:26:27 GMT
cs.html
cs.seedtag.com/ Frame F130 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Requested by
Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.f0c68b402cbaf8d7f32c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
160
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
809eb375a9ee24c0-ZRH
content-encoding
br
content-type
text/html
date
Thu, 21 Sep 2023 01:58:04 GMT
etag
W/"2ff9eb522fbbcad21bb6774305a2a0c2"
expires
Fri, 22 Sep 2023 01:58:04 GMT
last-modified
Mon, 17 Jul 2023 13:43:40 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1689601420843860
x-goog-hash
crc32c=DckRUw== md5=L/nrUi+7ytIbtndDBaKgwg==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15461
x-guploader-uploadid
ADPycdty0uzlYrpxH4Fckf3jtVk3DRnMdCjwN_IhIiZiEX5UKivIo54Ay3f2DKW4mzQMdSuUOKsu8DrJNuS0HYu3vlARhw
p
sb.scorecardresearch.com/ 		43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
xNV7O8N29geaQQnHet9lDVW6Nhcd8dWfcFZg9dh5ZyToQMrOmXc96A==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 139E 		154 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&pid=dwHu5gpvFzAiZ&cb=0&ws=728x90&v=23.829.1852&t=60000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Fextra.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
dad8474906a60677f76830aff7fd797b7de90688ab55fbac7ac187038ec95910
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
9CD8DZJYAY31K6VPA8D2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
154
x-amz-cf-id
8E4ofNe7DZ59r1xpSewAIu2nw82IeslqgyMg2VSxgGKWoFGd2Z9LPg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8867 		154 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&pid=VgufHQcP0z7Ln&cb=0&ws=728x90&v=23.829.1852&t=60000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Fextra.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
dad8474906a60677f76830aff7fd797b7de90688ab55fbac7ac187038ec95910
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
G76TPZAFV8B2ERXH5X48
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
154
x-amz-cf-id
PMjnFbi6S8zmFgp_1d9HH83LjiYvsmOmPAzDOAEqJ6Un2GTtlddPdQ==
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
t
t.lkqd.net/ Frame 9A80 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=285636105&t=pageview&_s=1&dl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ul=en-us&de=UTF-8&dt=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=33544537&gjid=1940378281&cid=156638556.1695261481&tid=UA-50597390-10&_gid=617622873.1695261484&_r=1&_slc=1&gtm=45He39i0n81TPMBMXS&cd1=%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&cd4=20230809&cd5=10&cd7=The%20New%20York%20Times&cd9=multi-content&cd47=False&cd49=Economia&cd82=desktop&cd83=The%20New%20York%20Times&z=611328706
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
audiences
api.permutive.com/audience-matching/v1/id/f841ea74-0c76-473f-b9e8-f09d818e4170/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/f841ea74-0c76-473f-b9e8-f09d818e4170/audiences?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
debug
il-trc-events.taboola.com/editoraglobo-extra/log/2/ 		0
129 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi2=-2&tim=03%3A58%3A04.545&id=55103&cv=20230920-27-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
76673
debug
il-trc-events.taboola.com/editoraglobo-extra/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20native-thumbs-feed-01-y&lt=trecs&tvi2=-2&tim=03%3A58%3A04.545&id=6944&cv=20230920-27-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
76673
debug
il-trc-events.taboola.com/editoraglobo-extra/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20thumbs-feed-01-pb&lt=trecs&tvi2=-2&tim=03%3A58%3A04.545&id=62601&cv=20230920-27-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
76673
debug
il-trc-events.taboola.com/editoraglobo-extra/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20organic-thumbs-hero-01-x&lt=trecs&tvi2=-2&tim=03%3A58%3A04.545&id=64765&cv=20230920-27-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
76673
debug
il-trc-events.taboola.com/editoraglobo-extra/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20native-thumbs-feed-01-y&lt=trecs&tvi2=-2&tim=03%3A58%3A04.545&id=66089&cv=20230920-27-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
76673
debug
il-trc-events.taboola.com/editoraglobo-extra/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20thumbs-feed-01-pb&lt=trecs&tvi2=-2&tim=03%3A58%3A04.545&id=30571&cv=20230920-27-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
76673
social
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/social?lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%22%2C%22sec%22%3A%22economia%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-extra.glbimg.com%2FgLb_-m1bn_WhYvFnqigzrYBYHXo%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_1f551ea7087a47f39ead75f64041559a%2Finternal_photos%2Fbs%2F2023%2FH%2FB%2FP9r83iRBCP0fp0FRm1gw%2Fespn.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.3.1/ 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.3.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
166a5d38934ddd901f7ace38b6c6efc8142df07d514ac1ee214d89897935a267

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
via
1.1 2816426ad1adbedbdd23d4cdf80c2de2.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
age
147375
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36612
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 19 Sep 2023 09:01:43 GMT
server
AmazonS3
x-timer
S1695261485.663659,VS0,VE0
etag
"0d65b5b9ccf573fcfbc04121f4050f97"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
D36WdoEOACwnkINeCmXQYOx_-YGoHh1tzIe1aHKs81G8WtzTnOMjcg==
x-cache-hits
11596
feed-card-placeholder.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92d97991ec6e9a526f12410ab0994c15fbfc2a6aece69330c8cdcb59563d6250

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vW.jTt8D6Js0udD0gXqfu8nDVQoM2F1l
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
B841HBYCNTGEQ9GQ
age
40811
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
Zvyl7YwROHiOgksbXjnFSar6FxGOVqG/K7VZKPEUU/zdgaGqXrRuUzSlPtaPsndHfpej7OWWNdw=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:37:54 GMT
server
AmazonS3
x-timer
S1695261485.619965,VS0,VE0
etag
"559218901185e02ee46d99953dcc0c58"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
86
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
71407
distance-from-article.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc7692cec5b5fb398b7cb99760f39071969c674103018e07221fbb0046227ce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TQWCdKW_93WAN3Db4XfYtPcgxPBB.Soc
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
G2W2VPE4TARACVDK
age
40819
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
Xj5tkiwz/f1LDwKutKSxQ+dM4ZZG5R1XY2C75sn+3shnrmNIImpg3d5XHg+c8aADz/tfieKRQmA=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:37:46 GMT
server
AmazonS3
x-timer
S1695261485.627555,VS0,VE0
etag
"5362edb5947d6818277e58444aa13c42"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
78493
article-detection.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecedae9d9bd8da80442389273ce409f31a27829736bbc659b5aa9d5fd1089495

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
HKDk1o3zqdmR08x5irvdxjjyVNGhZfqo
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
AEQC0EQW2C1CAYS9
age
40828
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1293
x-amz-id-2
lqwVNLOf9nHBYRckZawsvWjDjYKqHKcMMIYwQt7jEtx0igvlVtOCkuATA3MWlVEU399bRi59tb8=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:37:37 GMT
server
AmazonS3
x-timer
S1695261485.627531,VS0,VE0
etag
"68d9b1749f8cf3b949b9a0d0afb3d085"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
86
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
78486
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
R4F03AQNEPVKF3AX
age
18378
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
/jMdVOwsNHZF3qQZrGTC6AMtqmF94fm9HA8iAV+tqkPbM/ajUbd7iy1uIElPYKSSn28uUgBzJBI=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1695261485.637603,VS0,VE0
etag
"1802e318f880ad7e5c7030e9da649cf6"
vary
Accept-Encoding
content-type
text/css
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
20
userx.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
989b69cc4a7a74df2bb81583b9bba4187bba1408e28e77adf771d7a9102bc9e2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0Cel7j14y5l_zz8ciTYea3QFFrG8vGwP
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
DKVFMTQ7FZBFTTJP
age
40768
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
GPwVGIk4M+jBuAgZSdsoQHplxnlc95Kuo2oK7Hp4cvaO2/iy4MLzj3Nbi91NUWyitcasEAZTafY=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:38:36 GMT
server
AmazonS3
x-timer
S1695261485.657565,VS0,VE0
etag
"ec3505ddb7b37d1ce4641b0edef9e116"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
13293
explore-more.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
014d98184c6d1852e7b771a5c28fe6cf6da165532a6c559785e58d03f5c200e3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
d8kk2jDbexSMdfvIVQF33mov3R3Mjk7K
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
838HR0N6QH5KNRD1
age
40813
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7707
x-amz-id-2
tc+0j9M6t09Ke18jC65/SeV4d2wAHDr1MSi403Bk2XCvxurEwzC+MaKuvaUuhSe/ogBRs3vzvxc=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:37:51 GMT
server
AmazonS3
x-timer
S1695261485.657758,VS0,VE0
etag
"2b2983fa3a082ecd8f84834c9bb032c9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
36585
abtests
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1695261484630%7D&tim=03%3A58%3A04.631&id=6718&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A58%3A04.639&id=1157&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:04 GMT
x-amz-request-id
0R9XQHAA5Q1ZDC2Q
age
84
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
MkI6vMFxHgM3ZVV9S+UeT9PE5jyReG3BVKLcXsx3HwZ8PMgvnFA1z8I5XykG/Hk432UfiS+ju9w=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1695261485.731906,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
0
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
7
metrics
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/metrics?route=AM%3AIL%3AV&lti=trecs
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/abtests?route=AM%3AIL%3AV&lti=trecs&tvi2=-2&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&tim=03%3A58%3A04.557&id=59224&llvl=2&cv=20230920-27-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1695261484557%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://extra.globo.com
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-50597390-10&cid=156638556.1695261481&jid=33544537&gjid=1940378281&_gid=617622873.1695261484&_u=YAhAAEAAAAAAACAAI~&z=352923854
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 21 Sep 2023 01:58:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 2F82
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:04 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 4281 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:366b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:04 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 232D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132162
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:04 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame D230
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
910e1caecf006c19e3b8f42696af298300af5fa6a1e6aca84659310decb6e506

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:56:45 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:56:45 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.5
/
ssc-cms.33across.com/ps/ Frame 5838 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP006 /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
server
33XP006
x-33x-status
2020008
isync
visitor.omnitagjs.com/visitor/ Frame 9DAA 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
2ae1406e3c911ac10475c7f95a05fc3167d2a655466d9ba38b31abb1cf1e654e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1465
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:04 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
6
/
onetag-sys.com/usync/ Frame F1FA 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
v1
match.sharethrough.com/universal/ Frame 226E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame AE68
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=lIBltm0HGXpD&ev=1&us_privacy=&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=lIBltm0HGXpD&ev=1&us_privacy=&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Sep 2023 01:58:04 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-CH
cw-server
bh-deployment-f59c96d6-9g5rb
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=lIBltm0HGXpD&ev=1&us_privacy=&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame F130 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7078119663561859382
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7078119663561859382
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
an-x-request-uuid
ea682398-ceee-435b-9d6f-4e7ca3c0e2f0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=7078119663561859382
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=906539967438444046
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=906539967438444046
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=906539967438444046
date
Thu, 21 Sep 2023 01:58:04 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=&gdpr=0
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
90
Content-Type
text/html; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame F130 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=seedtag&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f5e96277-db67-4937-a9cb-f717eef9b894&user_group=1&ssp=seedtag&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
partner
sync.search.spotxchange.com/ Frame F130 		0
0
/
sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/ Frame F130
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
  • https://pixel.advertising.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58170/sync?gdpr=0&gdpr_consent=&_origin=1&redir=true
  • https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-SLhXIzBE2uHri3u5PdujMrkBqbSEkQD.~A&gdpr=0
95 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-SLhXIzBE2uHri3u5PdujMrkBqbSEkQD.~A&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Thu, 21 Sep 2023 01:56:45 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/03635d2e5423be5c297a9b6f812b727e/?action=in&uid=y-SLhXIzBE2uHri3u5PdujMrkBqbSEkQD.~A&gdpr=0
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ Frame F130 		0
0
improvedigital
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=1b6e2241-4b10-4959-afd1-1387c727541d
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=1b6e2241-4b10-4959-afd1-1387c727541d
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=1b6e2241-4b10-4959-afd1-1387c727541d
access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:05 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZQujKutf4JN9V-XEBbC8xQAA%265191
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZQujKutf4JN9V-XEBbC8xQAA%265191
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmSoUaNUv%2BoHskFtCtKZmkVix%2F%2FugkMn%2BOea3T88K5jh5ppsOZWRPcVEibwH1iSehl7lSBEoP0Q89%2FkyDdRDEshLcRFA0YSEW6x2cJnRCxBMiSIvhq%2B3nrdoUDbs4y7QJom6EF2z8U2FDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZQujKutf4JN9V-XEBbC8xQAA%265191
cache-control
no-cache
cf-ray
809eb377fd2c24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-AiBnO.lE2uGw9jCnIM2YjBB5Z9gxKila5.8Q6Fg-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-AiBnO.lE2uGw9jCnIM2YjBB5Z9gxKila5.8Q6Fg-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-AiBnO.lE2uGw9jCnIM2YjBB5Z9gxKila5.8Q6Fg-~A
date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
adform
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/adform?channeluid=1945593063401236011
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adform?channeluid=1945593063401236011
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/adform?channeluid=1945593063401236011
date
Thu, 21 Sep 2023 01:58:04 GMT
server
nginx
content-length
0
content-type
text/plain
pixel
ap.lijit.com/ Frame F130 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:04 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
openx
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=f021a618-a124-4473-b89b-0da79e8c06d1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=f021a618-a124-4473-b89b-0da79e8c06d1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=f021a618-a124-4473-b89b-0da79e8c06d1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkbeaac44ccc2949dba272d57345ae292c
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkbeaac44ccc2949dba272d57345ae292c
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkbeaac44ccc2949dba272d57345ae292c
date
Thu, 21 Sep 2023 01:58:04 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://creativecdn.com/cm-notify?pi=seedtag&tc=1
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=yUyoNLW9ZHw7nDJpwtS0&pi=seedtag&tc=1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=yUyoNLW9ZHw7nDJpwtS0&pi=seedtag&tc=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=yUyoNLW9ZHw7nDJpwtS0&pi=seedtag&tc=1
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT, Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame F130
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUdd1964431d80457ca9ca37e876c7cc5e
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUdd1964431d80457ca9ca37e876c7cc5e
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPUdd1964431d80457ca9ca37e876c7cc5e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-PFW5FesqXn206.js
rules.quantcount.com/ Frame CB75 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:45:13 GMT
content-encoding
gzip
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
772
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 15:36:52 GMT
server
AmazonS3
etag
W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
DTjLqUzYM9GSrZRLNcDiMNbolHvJXJyKip9OwgrtSdZKzKEMKNaHPQ==
usync.html
ad.lkqd.net/cookie-sync/ Frame 25CF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:04 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261484.cds215.fr8.hn,1695261484.cds226.fr8.c
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=23438530&m=&rtv=1&thost=extra.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
ad
v.lkqd.net/ Frame E1B8 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=23438530&m=&rtv=1&thost=extra.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
926459c49481c8f910ea82d457e2a137a059bcc2e41bc08584a69550a632764b

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3777
social
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/social?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%22%2C%22sec%22%3A%22economia%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-extra.glbimg.com%2FgLb_-m1bn_WhYvFnqigzrYBYHXo%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_1f551ea7087a47f39ead75f64041559a%2Finternal_photos%2Fbs%2F2023%2FH%2FB%2FP9r83iRBCP0fp0FRm1gw%2Fespn.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=03%3A58%3A04.836&id=5040&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
abtests
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1695261484864%7D&tim=03%3A58%3A04.864&id=8300&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
config
c.amazon-adsystem.com/cdn/prod/ Frame 8867 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fextra.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
2be930b5841b56fd56577775b0c5043ec78a87c18fae85d402f0d0376d8e3bd9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 23:36:54 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
8470
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2993
x-amz-cf-id
tulC_Y8aC19wLlhBM1BdRiOOBWnSKhVQPZVEIxidXQ9jw66LSvtLgw==
ads
securepubads.g.doubleclick.net/gampad/ Frame 8867 		49 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1323211802029662&correlator=70278810845844&eid=31078026%2C31077993&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Cextra.globo.com.dw.728x90.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=1&didk=1500736068&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D867e77098217fd78%3AT%3D1695261481%3ART%3D1695261481%3AS%3DALNI_MYboeAK46eKE6jwLJo4SO1URg1eaQ&gpic=UID%3D00000c7aeaec8c1a%3AT%3D1695261481%3ART%3D1695261481%3AS%3DALNI_MYKaynU0yBeZp5JWKYhR9g3qxAk9w&arp=1&abxe=1&dt=1695261484885&lmt=1695254284&adxs=436&adys=4199&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=v1jz6aioay5y&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&top=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=156638556.1695261481&ga_sid=1695261485&ga_hid=1659130641&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YxrLVq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiKtdWrqzFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGY2NmI4NTE0MDlkMzFlZmY5MmQzMjcxZjI2ODE2ZDUzOTM4MjBjNGRiYjcyNDFjZGZmMWVjYzgwZjNjYWI5MRitt9WrqzFIABI7CgpwdWJjaWQub3JnEiQ0ZjAxZGU4NC02NmQ5LTQyNmItOTkwMC1kNzcyMjMxNzk0YzkYrLTVq6sxSAASHQoOZXNwLmNyaXRlby5jb20YxrLVq6sxSABSAghkEq4CCghydGJob3VzZRKYAmxHU0lhODhLS2FyWUNobENvSHdSUU04akpnMXk5ZEE3QUdwM1orVzBWNVZoWlJFbzJhOU5KVnd3WEloTlE4bHhpSE5SZzJjQzcwbklxQ3pRVnN4dy8rVEt2V0syK0I1b0VpdWMxWkhNN3l5N2V1ci9GTDdwNXJKQ0FudzI3QTNYem1nYlp0cjRKd0F6RWFndHdsaldBVStNS2FUdjUwQlVsR3k1TGd1VnZCbXp0M1MvWDZhWmNwYUplRFRsNFNUcXk1VWlka0gxd0U0QWVLNVlocys1N3VRSml6eG9uTnpESU81MlMwOEJlWWE5QjlZZ2pNVFBUUEFBS1hqZXFEMVNrcUJrZWU3K05lZ0lpMHpoTXBGWWdBPT0YvLjVq6sxSAASPgoFb3BlbngSLGV5SnBJam9pWTJSVVFVWTVSVmxVTVVjd01VaGhURzFyYWtadVFUMDlJbjA9GPu51aurMUgA&dlt=1695261482025&idt=948&prev_scp=refreshcounter%3Doriginal%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D33a0273d-5822-11ee-82da-02c790015d1e%26vw%3D40%2C50%2C60%26grm%3D40%26vw05%3D40%2C50%26vw10%3D40%26ias-kw%3DIAS_3005109_PG%2CIAS_3006644_PG%2CIAS_3005087_PG%2CIAS_3005088_PG%2CIAS_3010816_PG%2CIAS_3008617_PG%2CIAS_3005057_PG%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&cust_params=hcmschain%3D288%26mycodedomain%3Dglobo.com%26amznbid%3D0%26amznp%3D0&adks=241237091&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d420a6e1e5b3a77cc45a1073e30511769e8d08717bb134d7e644582ed458f54b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
567120,213044
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21336
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
979554,312750
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8867 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
414738fd06dbfb990521cc9ed5ad8b69b272707e710a59d8d7b8120b1cc21871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12198
x-xss-protection
0
container.html
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E4A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:04 GMT
expires
Fri, 20 Sep 2024 01:58:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ Frame 139E 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fextra.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
2be930b5841b56fd56577775b0c5043ec78a87c18fae85d402f0d0376d8e3bd9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 23:36:54 GMT
via
1.1 5a5b94c62ea85e0c0d78b169589b08b4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
8470
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2993
x-amz-cf-id
b7BEfjoZaCT_bWZ2g9fwtmByaoYeQdSzF7tH8T792SeDNq0-434ljg==
ads
securepubads.g.doubleclick.net/gampad/ Frame 139E 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2466964896509682&correlator=1140146475897944&eid=31077942%2C31078025%2C31077693%2C31070232%2C21065724&output=ldjh&gdfp_req=1&vrg=202309140101&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Cextra.globo.com.dw.728x90.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=1&didk=1500736068&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D867e77098217fd78%3AT%3D1695261481%3ART%3D1695261481%3AS%3DALNI_MYboeAK46eKE6jwLJo4SO1URg1eaQ&gpic=UID%3D00000c7aeaec8c1a%3AT%3D1695261481%3ART%3D1695261481%3AS%3DALNI_MYKaynU0yBeZp5JWKYhR9g3qxAk9w&arp=1&abxe=1&dt=1695261484928&lmt=1695254284&adxs=436&adys=3221&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=1&ucis=k660brahm9ju&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&top=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&vis=1&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=156638556.1695261481&ga_sid=1695261485&ga_hid=184971158&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YxrLVq6sxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiKtdWrqzFIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAZGY2NmI4NTE0MDlkMzFlZmY5MmQzMjcxZjI2ODE2ZDUzOTM4MjBjNGRiYjcyNDFjZGZmMWVjYzgwZjNjYWI5MRitt9WrqzFIABI7CgpwdWJjaWQub3JnEiQ0ZjAxZGU4NC02NmQ5LTQyNmItOTkwMC1kNzcyMjMxNzk0YzkYrLTVq6sxSAASHQoOZXNwLmNyaXRlby5jb20YxrLVq6sxSABSAghkEq4CCghydGJob3VzZRKYAmxHU0lhODhLS2FyWUNobENvSHdSUU04akpnMXk5ZEE3QUdwM1orVzBWNVZoWlJFbzJhOU5KVnd3WEloTlE4bHhpSE5SZzJjQzcwbklxQ3pRVnN4dy8rVEt2V0syK0I1b0VpdWMxWkhNN3l5N2V1ci9GTDdwNXJKQ0FudzI3QTNYem1nYlp0cjRKd0F6RWFndHdsaldBVStNS2FUdjUwQlVsR3k1TGd1VnZCbXp0M1MvWDZhWmNwYUplRFRsNFNUcXk1VWlka0gxd0U0QWVLNVlocys1N3VRSml6eG9uTnpESU81MlMwOEJlWWE5QjlZZ2pNVFBUUEFBS1hqZXFEMVNrcUJrZWU3K05lZ0lpMHpoTXBGWWdBPT0YvLjVq6sxSAASPgoFb3BlbngSLGV5SnBJam9pWTJSVVFVWTVSVmxVTVVjd01VaGhURzFyYWtadVFUMDlJbjA9GPu51aurMUgA&dlt=1695261481997&idt=883&prev_scp=refreshcounter%3Doriginal%26pwtsid%3D9c80de67421e3f%26pwtbst%3D1%26pwtecp%3D0.19%26pwtpid%3Dappnexus%26pwtpubid%3D157163%26pwtprofid%3D4983%26pwtverid%3D7%26pwtsz%3D728x90%26pwtplt%3Ddisplay%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D4ccb537d-5822-11ee-8f93-0ac96f434aff%26vw%3D40%2C50%2C60%26grm%3D40%26vw05%3D40%2C50%26vw10%3D40%26ias-kw%3DIAS_3005109_PG%2CIAS_3006644_PG%2CIAS_3005087_PG%2CIAS_3005088_PG%2CIAS_3010816_PG%2CIAS_3008617_PG%2CIAS_3005057_PG%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&cust_params=hcmschain%3D288%26mycodedomain%3Dglobo.com%26amznbid%3D0%26amznp%3D0&adks=241237091&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73e021bf6400695e6e5f0b0d1afd85d09dc91fa864cc148811d561f7ccda99ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12315
x-xss-protection
0
google-lineitem-id
5676126179
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347101821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 139E 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78d63606546b6f50c7e2e277b874df217c0bcbbb85f4b4ea073969719d9acf68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12238
x-xss-protection
0
container.html
0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B0D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:04 GMT
expires
Fri, 20 Sep 2024 01:58:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
all
csm.eu.criteo.net/ Frame 7CC8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZbabOXKe1Ktls8WuCLlu5IKT0_oyGaTBo43-l5AS2N4J05QQfi3HJGZzdBWY2e9SCLAAgcs-MD4Niq7WRQreCiQik0vQyC7e1_ujV2dxgsT8_FAESIrIBez4LWJZaoT0dO3knU3Imhev1TRAocIAJ7SOeHZR7-CTLMeg5AdRotwvp_srpqzvLHBXLdrmf8spznEYQTSQwdPNxEwuGTYD6iKIBCp32saf2JQ5f-XdpWbKe8Djt0-vaptrO2X9DILyDV8_TQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
collect
region1.google-analytics.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WE4K4RF1F3&gtm=45je39i0&_p=285636105&cid=156638556.1695261481&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=901522336865134169&sid=1695261484&sct=1&seg=0&dl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dt=ESPN%20vai%20criar%20marca%20de%20apostas%20esportivas%20em%20acordo%20com%20rede%20de%20cassinos%20no%20valor%20de%20US%24%202%20bilh%C3%B5es%20%7C%20Economia%20%7C%20extra&en=page_view&_fv=1&_ss=1&up.user_code=901522336865134169&up.user_code_provider=anonymous
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-WE4K4RF1F3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=gtm.init_consent&eid=-1&ut=AACA&h=Ag&dl=extra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tdp=G-WE4K4RF1F3;69849104;1;3;1&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=gtm.init_consent&eid=-1&ut=AACA&h=Ag&dl=extra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tdp=G-WE4K4RF1F3;69849104;1;3;1&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=gtm.init&eid=0&ut=AACA&h=Ag&tr=1ccdconversionmarking.1ccdemdownload.1ccdemoutboundclick.1ccdempageview.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdgaregscope.1setproductsettings.1ogtgooglesignals&ti=2ccdconversionmarking.2ccdemdownload.2ccdemoutboundclick.2ccdempageview.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdgaregscope.2setproductsettings.2ogtgooglesignals&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=gtm.js&eid=1&ut=AACA&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=gtm.dom&eid=2&ut=AACA&h=Ag&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=*&eid=3&ut=AACA&h=Ag&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B0F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQNQtW_-bzDTzoSOt_yUxsyz9EqiyJkkWEHZr60k7plE6WCbUTle-EOmJ8nXki2RcKJzsge7cbHAGYaLLd8fUSx3Dvp1LM9L4zs6Ba&sig=Cg0ArKJSzPNq98_FOFQQEAE&id=lidar2&mcvt=1177&p=181,205,431,1395&mtos=1177,1177,1177,1177,1177&tos=1177,0,0,0,0&v=20230920&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3665132083&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695261482602&rpt=1215&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 0A0E 		324 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8ff7b45adb5a57b1a3db6498e5efa2619286d9ad375c7dac62b3d08c62befb6b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
324
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BNGPQ3G0YH27VP2MS8XE
usync.js
eus.rubiconproject.com/ Frame 2F82 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35661
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 8867 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 21 Sep 2023 02:13:05 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 8867 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:59:57 GMT
content-encoding
gzip
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
3489
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
2D_xOKyaycIVodmOpabX1m2HC7VUBUR5BJHrt6JqfF2My-SPTN0_oQ==
hadron.js
cdn.hadronid.net/ Frame 8867 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&_it=amazon&partner_id=407
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
5222
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
809eb379eecf91ed-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
92bb6886-83
aps.zqtk.net/ Frame 8867 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 8867 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
XMGCEV55DCNN0JQK
age
2374
etag
W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
809eb37978e73605-FRA
x-amz-id-2
oNQKL0R5lo+KLSo5W3+bmxpkZmLzQlm3B9Wm3uUuQK18VYTh6VAuLfWghoNc51qeh005v4aCr58=
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3...
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
an-x-request-uuid
4bbe3260-e7fb-4b77-8ace-fb61b1a12b55
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb2...
  • https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
an-x-request-uuid
cd81a644-d624-4956-aa99-19be6dc0cc01
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=7078119663561859382&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=yUyoNLW9ZHw7nDJpwtS0&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=yUyoNLW9ZHw7nDJpwtS0&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=yUyoNLW9ZHw7nDJpwtS0&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT, Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adyoulike&gdpr=0&user_id=a5bnqjyQ5apwwuf7PJL6_T7Ctflwle__b5tIXeuB
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=288a0a7b-baec-457a-b3a8-f6f3afd79784&name=BIDSWITCH&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=288a0a7b-baec-457a-b3a8-f6f3afd79784&name=BIDSWITCH&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=288a0a7b-baec-457a-b3a8-f6f3afd79784&name=BIDSWITCH&gdpr=0&gdpr_consent=
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ayl_pixel
api-2-0.spot.im/pixels/ Frame 9DAA 		0
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=221f3a70f2afdba78a0e8490c80ce750
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-76.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
NexqxEjOFd9a7W0aODQ3VJtmlok9Ko0R-8qQGiPRsdXEd5h8HEWo5A==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACRqE7KF0YAABklX71mMQ&name=BEESWAX
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACRqE7KF0YAABklX71mMQ&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACRqE7KF0YAABklX71mMQ&name=BEESWAX
Date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 9DAA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4...
  • https://visitor.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=737d10dbacc40325579565d5799413dc&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=737d10dbacc40325579565d5799413dc&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=737d10dbacc40325579565d5799413dc&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
809eb37aacf0b927-AMS
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D_...
  • https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
49 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=&gdpr=0&gdpr_consent=&gdpr=0
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
195
Content-Type
text/html; charset=utf-8
SPug
image4.pubmatic.com/AdServer/ Frame 9DAA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23P...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i4.vAWRE2uWBI2M3gKO_6XkIVa3t7yc-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i4.vAWRE2uWBI2M3gKO_6XkIVa3t7yc-~A&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-i4.vAWRE2uWBI2M3gKO_6XkIVa3t7yc-~A&gdpr=0
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdp...
  • https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=40865a8c-397a-4ab6-86b1-61a24f3778ff%20&gdpr_consent=null&gdpr=0
49 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=40865a8c-397a-4ab6-86b1-61a24f3778ff%20&gdpr_consent=null&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor=40865a8c-397a-4ab6-86b1-61a24f3778ff &gdpr_consent=null&gdpr=0
date
Thu, 21 Sep 2023 01:58:05 GMT
server
_
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D...
  • https://visitor.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0996220400452a0f2b180df2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0996220400452a0f2b180df2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?name=ADOTMOB&ttl=720&uid=b989ee06df7dfc250798f7f0dfc4ddee&visitor=0996220400452a0f2b180df2&gdpr=0&gdpr_consent=&gdpr=0&gdprConsent=
date
Thu, 21 Sep 2023 01:58:05 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Thu, 21 Sep 2023 01:58:05 GMT
Connection
keep-alive
Content-Length
221
Content-Type
text/html; charset=utf-8
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618...
  • https://visitor.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=f8d883f0dc734b80a814cfefc7c2f949&gdpr=0&gdpr_consent=
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=f8d883f0dc734b80a814cfefc7c2f949&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
10
content-length
49
expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
location
https://visitor.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=f8d883f0dc734b80a814cfefc7c2f949&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
0
x-xss-protection
0
101967
jadserve.postrelease.com/suid/ Frame 9DAA 		43 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.244.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-244-57.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
pixel
ap.lijit.com/ Frame 9DAA 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor.omnitagjs.com/visitor/ Frame 9DAA
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=3f6a4ce6-40ca-5208-86f3-3f62e3f89c4f&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=3f6a4ce6-40ca-5208-86f3-3f62e3f89c4f&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=3f6a4ce6-40ca-5208-86f3-3f62e3f89c4f&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cookiesync
bttrack.com/pixel/ Frame 9DAA 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
69.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Thu, 21 Sep 2023 01:57:04 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
711333.gif
id.rlcdn.com/ Frame 9DAA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
iu3
aax-eu.amazon-adsystem.com/s/ Frame BB45 		324 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8ff7b45adb5a57b1a3db6498e5efa2619286d9ad375c7dac62b3d08c62befb6b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
324
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6HG1EB4JTFJZ75YETB96
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 139E 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-137-210.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 21 Sep 2023 02:13:05 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 139E 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:59:57 GMT
content-encoding
gzip
via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
3489
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
shIRsiLVrFre1CeGedUVBwr5eJ85xlFdjabjmhraXKLxk1ziPpc9Gg==
hadron.js
cdn.hadronid.net/ Frame 139E 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&_it=amazon&partner_id=407
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
5222
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
809eb379eed091ed-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
92bb6886-83
aps.zqtk.net/ Frame 139E 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 139E 		138 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
XMGCEV55DCNN0JQK
age
2374
etag
W/"6f2e4365e45d56ebb0820172e6b3d823"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
809eb37988f13605-FRA
x-amz-id-2
oNQKL0R5lo+KLSo5W3+bmxpkZmLzQlm3B9Wm3uUuQK18VYTh6VAuLfWghoNc51qeh005v4aCr58=
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 01:58:05 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 4281 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B98) /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
last-modified
Tue, 25 Jul 2023 08:27:40 GMT
server
ECS (amb/6B98)
age
2592
etag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
3066
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 4281 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:366b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"0dec18a9648b57994b6d38816a4f0f72:1688378499.997788"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 4281 		148 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:366b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
14a32594b479cf64cb7525d2b3a369076e0b8b048f96bfb0222799ddd8ec949c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Sep 2023 14:59:02 GMT
Server
AkamaiNetStorage
ETag
"745875b7aa8e6449073842688e9dec51:1694531219.892985"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4013
t
t.lkqd.net/ Frame FC37 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
sync.html
s.spotim.market/ Frame 8ECE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:261:2acb::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
7b2773a16d7a49f0585878fd5063c7ba26951b71feafabf4995b2563ce314eaa

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1058
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:05 GMT
Server
Adtelligent
X-Robots-Tag
noindex
usync.html
eus.rubiconproject.com/ Frame E0F0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:05 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 47FC 		620 B
705 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8ff01348bfe6ea973389bcde9ac13ee9aeb13b9db99b23435df7e7f16243f295

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
391
content-type
text/html
date
Thu, 21 Sep 2023 01:58:05 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B5EE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132161
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/ Frame D230
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.richaudience.com%2F1a12a024f8f9561c49164bbaf87ed164%2F%3Fuid%3D[sas_uid]&gdpr=0&gdpr_consent=&nwid=2441/
  • https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=906539967438444046
95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=906539967438444046
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Thu, 21 Sep 2023 01:56:45 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/1a12a024f8f9561c49164bbaf87ed164/?uid=906539967438444046
date
Thu, 21 Sep 2023 01:58:04 GMT
content-length
0
/
sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/ Frame D230
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.richaudience.com%2Fa939d25b950298d0a5d324cea4fcd3d1%2F%3Fuid%3D$UID&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7078119663561859382&gdpr=0&gdpr_consent=
95 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7078119663561859382&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Thu, 21 Sep 2023 01:56:45 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
an-x-request-uuid
0d6d9214-3e8b-4c13-b24d-c14dcab50afc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.richaudience.com/a939d25b950298d0a5d324cea4fcd3d1/?uid=7078119663561859382&gdpr=0&gdpr_consent=
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame D230
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=richaudience&gdpr=0&gdpr_consent=&user_id=2d543cf9-d417-4db4-8b61-1zz1695261405
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=288a0a7b-baec-457a-b3a8-f6f3afd79784&ssp=richaudience&gdpr=0&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=288a0a7b-baec-457a-b3a8-f6f3afd79784&ssp=richaudience&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1695261484783&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=288a0a7b-baec-457a-b3a8-f6f3afd79784&ssp=richaudience&gdpr=0&gdpr_consent=
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
bid
s.seedtag.com/c/v2/tag/ 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/v2/tag/bid
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
fc85ea289166847f8403c00ed3d19d3f8966d6adb3be4d38282eac2499c38bb2

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
via
1.1 google
server
openresty
etag
W/"1ce7-6wWDaHoe+taKC/rLVUcHDgQfRlw"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cs
cs.lkqd.net/ Frame 25CF
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cm
p.rfihub.com/ Frame 25CF 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:05 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame 25CF
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
  • https://a.tribalfusion.com/i.match?p=b30&u=7beYp_ofopg&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662085148528352
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662085148528352
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
6321
content-type
text/html
location
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662085148528352
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
809eb37becd20211-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame 25CF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
Date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cs
cs.lkqd.net/ Frame 25CF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8867 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 01:58:05 GMT
pixel;r=327812052;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos...
pixel.quantserve.com/ Frame CB75 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=327812052;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml;ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml;uht=2;fpan=1;fpa=P0-1955577917-1695261484814;pbc=;ns=1;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;d=globo.com;dst=1;et=1695261485222;tzo=-120;ogl=;ses=46e0cda2-f74f-493e-9d68-91de2b1a84c1;mdl=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 279E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:05 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 383A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:05 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame C74B 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 7B40 		684 B
786 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
d147b57fc6e0d0c683ba5a151708c5a907d50aad859fadf0768bf3becc9b76c5

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
684
content-type
text/html
date
Thu, 21 Sep 2023 01:58:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 139E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 01:58:05 GMT
/
sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/ Frame 47FC 		95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a9b03dc9bdef0bcb818e9c4110ca0368/?uid=40d5b6a4-20a1-47d0-b53f-3358d328952b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
date
Thu, 21 Sep 2023 01:56:45 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
sd
us-u.openx.net/w/1.0/ Frame 47FC
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=539254dae2df1774&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIki6A7a9zuwNlm47tAAAAAAA&expiration=1695347885&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIki6A7a9zuwNlm47tAAAAAAA&expiration=1695347885&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAIki6A7a9zuwNlm47tAAAAAAA&expiration=1695347885&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
dds
rtb.openx.net/sync/ Frame 47FC
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=fS51ctEZyYgIdvLULXbM2w==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
36bf990a-e833-e2ef-dfd5-a89601383b28
pr-bh.ybp.yahoo.com/sync/openx/ Frame 47FC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/36bf990a-e833-e2ef-dfd5-a89601383b28?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 47FC
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=7c2b990e-db94-446e-afab-8ba7a9b8bc8b&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 47FC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=yUyoNLW9ZHw7nDJpwtS0&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=yUyoNLW9ZHw7nDJpwtS0&pi=openx&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=yUyoNLW9ZHw7nDJpwtS0&pi=openx&gdpr=0
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT, Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 47FC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TfO4lxr1updWp7jGGvelwBin6sRW8LDCSf7zUgB7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TfO4lxr1updWp7jGGvelwBin6sRW8LDCSf7zUgB7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=5263ff89-48b7-4624-96e0-06c74faea01d&ph=2eba3060-f578-4886-93a0-d9a2346966ea&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2Fa9b03dc9bdef0bcb818e9c4110ca0368%2F%3Fuid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=TfO4lxr1updWp7jGGvelwBin6sRW8LDCSf7zUgB7
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 2F82 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 03E4 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
5acb4f8c5ebc0c80915fd5eab10552423c48ca7c6903748c27c5b81712bc782e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1672
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QPT3S9CFAHBHY4E1SWCK
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 6D7A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f886b95f1f491f6acc454e8e5f253580dd72adbaa928a8a2da9c01a17315bc02
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1672
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YBQHKRXZYZ0VEW182FPS
usync.js
eus.rubiconproject.com/ Frame E0F0 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35661
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
supply-feature
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A805%2C%5C%22articleClasses%5C%22%3A%5C%22wall%20protected-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22700%5C%22%7D%22%7D&tim=03%3A58%3A05.268&id=7434&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22805%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A58%3A05.272&id=8182&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230920-27-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 00:13:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Sep 2023 01:58:05 GMT
spa-detector.20230920-27-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230920-27-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b06d2520237ab14e555455ec9da0066deed1e43cc53ba14492e1682244d46baa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LdbuDKhZiu.fjJcihSpAzqqeKnwtWkj6
content-encoding
gzip
via
1.1 varnish
date
Thu, 21 Sep 2023 01:58:05 GMT
x-amz-request-id
1MJD7FDEQXJ3Q075
age
40792
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
+7Xwdan4z9fSKx3FbhS2AFF3ozAa08OXQXBCn3piJpYztNcz5Y219w85Uk3C2Zn9ycx/sEduxdQ=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Sep 2023 14:38:13 GMT
server
AmazonS3
x-timer
S1695261485.296288,VS0,VE0
etag
"6d625fcb9ebda27aa41361d5906c4b1f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
37632
supply-feature
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A58%3A05.283&id=8785&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/supply-feature?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A58%3A05.285&id=4930&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/editoraglobo-extra/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/editoraglobo-extra/log/3/abtests?route=AM:IL:V&tvi2=-2&tvi48=9002&tvi50=10882&lti=trecs&ri=23f7b7d3c0b174d1236a5b1391183449&sd=v2_f5676ad7538d1ad1706607ae3d9d5182_53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac_1695261484_1695261484_CNawjgYQmf9JGK7I1aurMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac&pi=/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&wi=3675370630977947700&pt=text&vi=1695261484078&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1695261485285%7D&tim=03%3A58%3A05.285&id=9188&llvl=2&cv=20230920-27-RELEASE&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
container.html
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js?cb=31077993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:04 GMT
expires
Fri, 20 Sep 2024 01:58:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 01:58:05 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 8867 		94 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=407&sync=0&domain=extra.globo.com&url=https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&_it=amazon&partner_id=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817e12d4c03c5d76425e0fd8adaeb5c979daad3e847d47675f94df2b1de2094d

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
809eb37cda57bbd4-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame B062 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstILg32aqIUDfrG1dps7bVrPSqDQugISM5IKqVBK3lQSUtVfJIDk3XIrklM9VirYFmSL4k1Dvqve8Cv1rNXTyy6U5vuSqOtt9NVouQnIWz_nYVNXZueNinUUZc-ygCuLRlsjDkPLovr1sU2dPIIwdhlpWNyx_jjTXfBm7TgAlv4BKgVjBkiwJK-UkVFNcZbTsF2xN1a-G0bw8wj-DndCakuJqNLT_NIrFjPAHCZMILHRgqDDvZxc1b2RG5Y_Qljj7eHGAg2b8RDsxsJ4b815kLRSLl70brRKL-oL1AY0kSC0H2_qq9vWoScR3C7jWV6zKYx4o0_cDxtja4McA1a5BIiEkvXW_lHC9Ga3w&sai=AMfl-YQp513ejeytB_xP3tFoh7BDW7TTSoXg1V4Ls-NP8aImjzSdb_vxDRTPTNBUIrnJ5SieRLLMt-emrKsUHwmkoMi6DQrLNlHEB7bkneyFxnPUkFqKdex-tpzNZ5RKpAw&sig=Cg0ArKJSzDc1FDEYk2BxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
appnexus-html5-lib-host.min.js
acdn.adnxs.com/html5-lib/host/1.4.0/ Frame B062 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 27 Jan 2023 02:15:19 GMT
Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
84879
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3768
X-Served-By
cache-lga21953-LGA, cache-fra-eddf8230020-FRA
Last-Modified
Wed, 23 May 2018 13:47:22 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1695261485.476278,VS0,VE0
ETag
W/"5b0570ea-2b85"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
4172, 8441
trk.js
cdn.adnxs.com/v/s/239/ Frame B062 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Wed, 10 Jul 2024 11:56:20 GMT
Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
6184907
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27646
X-Served-By
cache-lga21944-LGA, cache-fra-eddf8230045-FRA
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
X-Timer
S1695261485.466011,VS0,VE0
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
5, 1284903
it
ams3-ib.adnxs.com/ Frame B062 		0
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fextra.globo.com%252Feconomia%252Fnoticia%252F2023%252F08%252Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&e=wqT_3QKVDOgVBgAAAwDWAAUBCKvGrqgGEIHevOOGw_75Sxi2wr-C0oqinWIqNgkIEihvCjDTPxExSoYa2nbIPxkAAAEC8En0PyH2cp8cBUjbPylnlgSoqWXlPzEAAACgmZnJPzDL7MgKONZEQLlcSAJQ-5bh1wFYzoGVAWAAaImUsAF4gfQFgAEBigEDVVNEkgUG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApOwEULGknLCA3NDM3NDc3LBEULGcnLCAxODQ4NzYxNRUVLHMnLCAyNzY0MzgwNRkWLHInLCA0NTI0Nzk4NglB8LCSAtkEIUxuYjVwZ2pBOEx3WkVQdVc0ZGNCR0FBZ3pvR1ZBVEFBT0FCQUFFaTVYRkRMN01nS1dBQmdfZ0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWM0TjE5MHpNLU1fd1FIUjhkYS1wV1hsUDhrQkFBQUFBQUFBOERfWkFidC13VzdZdHV3XzRBR2wtY1VEOVFHYW1aa19tQUlBb0FJQnRRSUEBMwh2UUkBB_BMQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DSkdBZ2lNUUFSZ0NMWnFabVQtaUF4Y0luNXVvSXhBQ0dBRXQFUXRESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTIFjMB1Z01KUVUxVE16bzJNRGN6NEFQRlJJQUUyWmppQzRnRTI1amlDNUFFQVpnRUFjRUVBBVkBAQhESkIBBw0BGDJBUUE4UVENDlBBQUFJZ0Z1Uy1ZQmFlNDZJTUJxUVUBFiBBQUFEd1A3RUYBCgkBCERCQgE3HEVBek1fTV95LigAADkyKAAAWgUoAQHAUEFfNEFXeWlnVHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDDh1QVlLmgKZASF0eGFUWFE6XQIsTTZCbFFFZ0FDZ0FNETWIUEFfT2dsQlRWTXpPall3TnpOQXhVUkp1MzdCYnRpMjdEOVINgBBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPSbAThEOC7YAgDgAovkReoCmQFodHRwczovL2V4dHJhLmdsb2JvLmNvbS9lY29ub21pYS9ub3RpY2lhLzIwMjMvMDgvZXNwbi12YWktY3JpYXItbWFyY2EtZGUtYXBvc3Rhcy1lc3BvcnRpdmFzLWVtLWFjb3Jkby1jb20tcmVkZS1kZS1jYXNzaW5vcy1uby12YWxvci1kZS11cy0yLWJpbGhvZXMuZ2h0bWyAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APKpU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTk1LjIwNi4xMDUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQPMTE4MzMjQU1TMzo2MDcz2gQCCAHgBAHwBPuW4dcBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFmp4E-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvmPAdoGFgoQAAAAAAAAAAAAAAChc3gAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeB9AXSBw0JBSMAAAkmDNoHBggJL7QHAOoHAggA8AeB9gyKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=9349789af3f63edd7e70e1c4884e9fe10f8c3882
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
an-x-request-uuid
a42c4feb-f94f-4df0-b4c9-6807f53b0d0e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B062 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:05 GMT
wt
t.pubmatic.com/ Frame 139E 		17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.pubmatic.com/wt?pubid=157163&purl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&tst=1695261485&iid=2e997058-92aa-4239-ac84-b4633e5b6169-finfe&bidid=9c80de67421e3f&origbidid=9c80de67421e3f&pid=4983&pdvid=7&slot=%2F138871148%2Fextra.globo.com.dw.728x90.inter&au=%2F138871148%2C85042905%2Fextra.globo.com.dw.728x90.inter&bc=appnexus&pn=appnexus&en=0.19&eg=0.19&kgpv=extra.globo.com.dw.728x90.inter(%24%7C.refresh%24)%40.*%40728x90&piid=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
17
content-type
text/plain; charset=utf-8
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=407&sync=0&domain=extra.globo.com&url=https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
809eb37c09dfbbd4-FRA
content-length
0
content-type
application/json
date
Thu, 21 Sep 2023 01:58:05 GMT
debug
OPTIONS block
expires
Fri, 20 Sep 2024 01:58:05 GMT
server
cloudflare
sync
visitor.omnitagjs.com/visitor/ Frame 7B40 		49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=906539967438444046&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0
redir
rtb-csync.smartadserver.com/ Frame 7B40
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGJ2E7KF0YAABiP_Kr8NA&partnerid=127&gdpr=0
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGJ2E7KF0YAABiP_Kr8NA&partnerid=127&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partneruserid=AAGJ2E7KF0YAABiP_Kr8NA&partnerid=127&gdpr=0
Date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
9.gif
id5-sync.com/i/102/ Frame 7B40 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
rtb-csync.smartadserver.com/redir/ Frame 7B40
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Lir5Nnks-zY1fvlneS7kYXt-q2U1KfFjKidiOtNp
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Lir5Nnks-zY1fvlneS7kYXt-q2U1KfFjKidiOtNp
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=Lir5Nnks-zY1fvlneS7kYXt-q2U1KfFjKidiOtNp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 7B40
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=906539967438444046&gdpr=0&gdpr_consent=
0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=906539967438444046&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=906539967438444046&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1AA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
39154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 15:05:31 GMT
expires
Thu, 19 Sep 2024 15:05:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 54B3 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ca4b4c6b2668c131d23a70cb70891743c9b8455664733c1c3fcd5a5cb854ff36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-K4sLVrtMpZxWF5OseVVg3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-K4sLVrtMpZxWF5OseVVg3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
Thu, 21 Sep 2023 01:58:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8C4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
39154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 15:05:31 GMT
expires
Thu, 19 Sep 2024 15:05:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C120 		829 B
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
22ae64a982868c1e692549ed67637d8d4eb46346000245669135afc59824d687
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RsEJquSHCjre_SE__n8oSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-RsEJquSHCjre_SE__n8oSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
Thu, 21 Sep 2023 01:58:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 383A 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35661
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 8867 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
80b93bf8d763f90c30e556a1f6b010e9855c6f0165f2f25ba960ae9f0374b641
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 2F82
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LMSIWYU5-1Y-417D
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LMSIWYU5-1Y-417D
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LMSIWYU5-1Y-417D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=5032-5905-01&pc=BR
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LMSIWYU5-1Y-417D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
st
imprammp.taboola.com/ Frame 6E66 		577 B
437 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=undefined&cb=1695261485694&uv=3341&tms=1695261485694&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vD!ul3342_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=424acf55-9663-46d1-913d-ae6a047c0de6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
825f7901b25bf74fd5f86f17898900c221cce1f9147b92d848de56faaa79985e

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 21 Sep 2023 01:58:05 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230092-FRA
x-timer
S1695261486.722318,VS0,VE10
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=31589837&cb=1695261485694&uv=3341&tms=1695261485694&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vD!ul3342_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1695261477663.5!ts:1695261485694&mntl=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-length
0
server
nginx
usync.js
eus.rubiconproject.com/ Frame 279E 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35661
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
/
onetag-sys.com/match/ Frame 6D7A 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 03E4 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
v1
lb.eu-1-id5-sync.com/lb/ Frame 139E 		33 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
80b93bf8d763f90c30e556a1f6b010e9855c6f0165f2f25ba960ae9f0374b641
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 49F1 		267 B
186 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWkdIt1z2q06Qbe8bxW3JRuxJSnlRxGS-8zc26oCqqrVafGZxV4uSeCCdzFRXwP99HwiEW-D_qgKYHLcewlBcrHTxWMhA
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2B67 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31438
x-xss-protection
0
server
cafe
etag
13183557946744512263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:05 GMT
d5a7103b-7542-41c9-936c-36a578ea9b6a
a4548.casalemedia.com/impression/v2/295013/85/ck5q6b80fmq81bub53f0/ Frame 2B67 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4548.casalemedia.com/impression/v2/295013/85/ck5q6b80fmq81bub53f0/d5a7103b-7542-41c9-936c-36a578ea9b6a?verifieD=1&userID=ZQujKutf4JN9V-XEBbC8xQAA&cmpro=5191&deviceType=2&expiryTime=1695262085&profileIDs=&creativeID=18d3727&pubID=187924&format=banner&channel=site&ap=ZQujLAAOW_0K4DbZAAIyDeeHD6dKegU8eZg4vQ
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.62.230 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:05 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B67 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjswRPIExgWunOWFvWIuLRWH3iAHVP9xc-I74L2_HV2Q_l4oniEpBBO4gYwlMa_CTMo06rEuhu2fqdvVASmI6BktCJCxw-dxVaKbtwO3cHO-L9l4Q
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B67 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16302050988041155227&x=13&ct=77
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame 2B67 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
120453
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRFj6daXxb9%2BGEsA4kV0iKgGDY3w6txkgEN2TAOfaqXq42LmasFyjBvgM9aTdOS%2Fgf8M2xnjxPrhgxg1P%2BNOSkzfZCIxECNPlWg%2B2ER7ifMwL7lSDpOa6EXUTCxtwn%2FUY8f5ZFY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
809eb37e7a03915c-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Sep 2023 16:30:22 GMT
analytics.js
s.update.indexww.com/2/974276/ Frame 2B67 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/974276/analytics.js?ac=4443522&ap=&bt=programmatic&cb=306033568693174406&cr=26031911&de=2&di=extra.globo.com&dm=728x90&gt=CH&md=1&pc=37681&pi=26031911&pp=187924&pv=69d02f4a-d031-4176-9856-493aafac93e4&si=295013&sr=indexexchange.com&ti=1&to=3&ui=ZQujKutf4JN9V-XEBbC8xQAA
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8590417c0f123ce5b22d3ff97470d890f6711555ee3f6aba0de52d8e9a6ef381
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:05 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
2721
Expires
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2B67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/window_focus_fy2021.js
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 15:04:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
39214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 15:04:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/ Frame 2B67 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230918/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:38:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
22766
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:38:39 GMT
l
www.google.com/ads/measurement/ Frame 2B67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSguEGIhV4kR7ExbjmimHKGtFYHatKHeS75DovjLQr17xj8NdJeonE6T41v663Jo9d45S4nlsIhCciKdqKjRPO_6unTfw
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2B67 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 07:26:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
153115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Sep 2024 07:26:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B67 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:05 GMT
all
csm.eu.criteo.net/ Frame 2155 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=IIIHpnKe1Ktls8WuMgyU8otKB-Y4WUHrXmrxZOiUCqLysmxiIrsX79NRUWoH63uDMHHuZBub7PAkh3RRH8yIfnBIJ5ASISYWHHueNAgMyISRR7tJSsh040TP8Z5tjVr0QEZ5py_LhSTXwLZvZ6mcpBOFUIokgPo88cLVWbfTqya7WvpvaUgl6n0FJSlGoyHOiLdS_8X9KXxkI0qnqWuvuTvoOZlfPXBNLMWFFdIpxMHbmPxggQIQrKzw5hu_mNswINYlJQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 442D 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
407
a.ad.gt/api/v1/u/matches/ Frame 8867 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/407?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&ref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&_it=amazon&partner_id=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce482ff8e187324dd84a7742030cad19c4cbdb4302904e7ccf7d20d33000f518

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 21 Sep 2023 01:47:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
809eb37ebd3603f4-FRA
sync
am-match.taboola.com/ Frame 8A8D 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
825f7901b25bf74fd5f86f17898900c221cce1f9147b92d848de56faaa79985e

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 21 Sep 2023 01:58:05 GMT
machineid
3407
server
nginx
amzns2s
rtb.gumgum.com/usync/ Frame DDF4 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d8ca3b55f0719e075e41ff4ef72119027dd7952f5363650e81d56a8ff8f80e46

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 21 Sep 2023 01:58:05 GMT
etag
W/"0f4b99cfe6fbb1d29dd48e1ed4f66aec7"
server
nginx
timing-allow-origin
*
/
match.sharethrough.com/jwumXNuB/v1/ Frame 1696 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
ecm3
s.amazon-adsystem.com/ Frame BAB5
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7d061bcdbd2b24a4&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIki6A7a9z0wMNjJLUAAAAAAA&expiration=1695347885&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIki6A7a9z0wMNjJLUAAAAAAA&expiration=1695347885&is_secure=true
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Q7253587EXGKYJQPB78C

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAIki6A7a9z0wMNjJLUAAAAAAA&expiration=1695347885&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B9A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DNMQA1ZJH502E1HJ1PA1

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1659ce9c-ea30-48ea-af51-60a495e8fc77
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
amzns2s
rtb.gumgum.com/usync/ Frame E78F 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dd19f0c92d5779bb3ca366dd57ea540d4068c78fe32b5659ec9d3cfcfd65ed3a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 21 Sep 2023 01:58:05 GMT
etag
W/"0274a21d374760227e5fa4c93e2660e44"
server
nginx
timing-allow-origin
*
/
match.sharethrough.com/jwumXNuB/v1/ Frame 6817 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
khaos.json
token.rubiconproject.com/ Frame E0F0 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
ab
ams3-ib.adnxs.com/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&e=wqT_3QKTD_RbApMHAAADANYABQEIrcauqAYQnc_Z7f_fkeN3GLbCv4LSiqKdYio2Cdd-DUiP7jRAEXfodarpSTNAGQAAAAApXAtAIXfodarpSTNAKS540VeQ7jRAMQAAAKBH4do_MKyOxgc4qR9A7GxIAlDk7braAVi8429gAGjPglZ4w_YFgAEBigEDVVNEkgEDQlJMmAEBoAEBqAEBsAEAuAEDwAEFyAEC0AEJ2AEA4AEA8AEAigI-dWYoJ2EnLCA2Nzk5OTM2LCAwKTt1ZignaScsIDg5NDEyNjcsIDApO3VmKCdyJywgNDU4MTQzNDYwLCAwKTuSAoEEITUxN0cwZ2pDaDhFYkVPVHR1dG9CR0FBZ3ZPTnZNQUE0QUVBQVNPeHNVS3lPeGdkWUFHRC1BbWdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQUtnQkFMQUJBTGtCTmJWb3VGaklNa0RCQVN1bUgxeVE3alJBeVFFQUFBQUFBQUFBQU5rQnUzN0JidGkyN0RfZ0FkUGRvUVQxQVd6RGwwR1lBZ0NnQWdDMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNek9qWXhOREhnQThWRWdBU05wdndMaUFRQWtBUUFtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVg5TDVBRm1QZHNxUVZ5YmFnWTUyOFRRTEVGQUFBQUFBQUFBQURCQlFBQUFBQUFBQUFBeVFVQUER8ghORUYRCxRBQURaQlEZDvBANEFXRjRYX3dCZFNsNVFyNEJjQ0Vud09DQmdORFNFYUlCZ1NRQmdHWUJnQ2hCbnNVcmtmaGVvUV9xQVlFc2dZa0MdTABFHQwARx0MAEkdDEx1QVlLmgKZASEzQmNHRndqQ2g4RVkF2Ex6amJ5QUFLQUF4ZXhTdVItRjZoRDg2Q1VGTlV6TTZOakUwTVVERlJFbTdmc0Z1Mkxic1AxRUEVzwRGaxULBEFHHRgARx0YAEgdGBBIZ0FpUR0Q9GkBQS4u2AKfRuAC6qld6gKZAWh0dHBzOi8vZXh0cmEuZ2xvYm8uY29tL2Vjb25vbWlhL25vdGljaWEvMjAyMy8wOC9lc3BuLXZhaS1jcmlhci1tYXJjYS1kZS1hcG9zdGFzLWVzcG9ydGl2YXMtZW0tYWNvcmRvLWNvbS1yZWRlLWRlLWNhc3Npbm9zLW5vLXZhbG9yLWRlLXVzLTItYmlsaG9lcy5naHRtbPICEQoGQURWX0lEEgc2Nzk5OTM28gISCgZDUEdfSUQSCDIyNjMxMTI08gIKCgVDUF9JRBIBMPICDQoIQURWX0ZSRVESATDyAg0KCFJFTV9VU0VSEgEw8gIMCghBRFZfQ09ERRIA8gIMCghDUEdfQ09ERRIA8gILCgdDUF9DT0RFEgDyAhAKBUlPX0lEEgc4OTQxMjY38gILCgdJT19DT0RFEgDyAhMKD0NVU1RPTV9NT0RFTF9JRBIA8gIaChZDVVMZFhxMRUFGX05BTQUzFB4KGkNVUx0dKEFTVF9NT0RJRklFBT4cDQoIU1BMSVQB-fRTAQEwgAMAiAMBkAOY92yYAxSgAwGqAwDAA-CoAcgDANgDyqVN4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQPMTk1LjIwNi4xMDUuMTMxqAQAsgQSCAQQBBj4BiDSBCgBKAIwADgEuAQAwAQAyAQA0gQPMTM5MzIjQU1TMzo2MTQx2gQCCAHgBADwBOTtutoB-gQSCQAAAGDDs0dAEQAAAMBi3yBAiAUBmAUAoAX___________8BqgUiNjljNDBkMzYtNDE5ZC00YTIzLWFjMzctMV9BcHBOZXh1c8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaBs-gUECAAQAIoGgAFFaFNuUmxvQUFBQURBQWtDQlFFSXNvM2tDaERGeE1zQ0dPMlg1Z01nQmlnQVFNT3RqUXBJdkpUNkMxREZSRmp0TG5FQUFBQUFlQBBIZ0FnUX0XAEmtcCxKb0JBZ2dBcUFFQXMuIABAQS4ukAYBmAYAogYONDAwOSMlICA1OTk3uAYAwQbBqjQAAPA_0Ab58wPaBhYKEAkSGQEkEAAYAOAGBOoGKME3OGEnLCA1NDMxODc3LCAwKdVfEDc5NjU2DRRU8gYCCACABwGIBwCgB0DIB8P2BdIHDTUkAVEM2gcGCAUJvOAHAOoHAggA8AeB9gyKCAIQAJUIAACAP5gIAcAIn0bSCA4IgYKEiJCgwIABEAAYAA..&s=45b9499f288597b72b659fa3993a545c71c59e51&pp=19.288722
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
671906991d0d3028fd621283623a2c849adea4a0b8800f19c1b68873596adec5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:05 GMT
content-encoding
gzip
x-creative-id
458143460
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
9290ff82-c7c2-47fd-bd63-3f52c5563bf5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
index.html
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/ Frame 5FD4 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/html5-lib/host/1.4.0/appnexus-html5-lib-host.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
7de69759ddcb9e9368125d45e2232206cc918fcee9bbb765a91ddfc9dc5a3975

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2589
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:06 GMT
ETag
W/"5734187347a99122dbc5357f8d4097f6"
Expires
Sun, 05 Nov 2023 01:58:06 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
Vary
Accept-Encoding
X-Clv-Request-Id
85489953-ae9e-46d1-b8fe-deeee5175690
X-Clv-S3-Version
2.5
x-amz-request-id
85489953-ae9e-46d1-b8fe-deeee5175690
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1C9A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
69733
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:05 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 385013
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230020-FRA
X-Timer
S1695261486.870749,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame B062 		0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&e=wqT_3QKkDugkBwAAAwDWAAUBCKvGrqgGEIHevOOGw_75Sxi2wr-C0oqinWIqNgkIEihvCjDTPxExSoYa2nbIPxkAAAEC8En0PyH2cp8cBUjbPylnlgSoqWXlPzEAAACgmZnJPzDL7MgKONZEQLlcSAJQ-5bh1wFYzoGVAWAAaImUsAF4gfQFgAEBigEDVVNEkgUG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApOwEULGknLCA3NDM3NDc3LBEULGcnLCAxODQ4NzYxNRUVLHMnLCAyNzY0MzgwNRkWLHInLCA0NTI0Nzk4NglB8LCSAtkEIUxuYjVwZ2pBOEx3WkVQdVc0ZGNCR0FBZ3pvR1ZBVEFBT0FCQUFFaTVYRkRMN01nS1dBQmdfZ0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWM0TjE5MHpNLU1fd1FIUjhkYS1wV1hsUDhrQkFBQUFBQUFBOERfWkFidC13VzdZdHV3XzRBR2wtY1VEOVFHYW1aa19tQUlBb0FJQnRRSUEBMwh2UUkBB_BMQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DSkdBZ2lNUUFSZ0NMWnFabVQtaUF4Y0luNXVvSXhBQ0dBRXQFUXRESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTIFjMB1Z01KUVUxVE16bzJNRGN6NEFQRlJJQUUyWmppQzRnRTI1amlDNUFFQVpnRUFjRUVBBVkBAQhESkIBBw0BGDJBUUE4UVENDlBBQUFJZ0Z1Uy1ZQmFlNDZJTUJxUVUBFiBBQUFEd1A3RUYBCgkBCERCQgE3HEVBek1fTV95LigAADkyKAAAWgUoAQHAUEFfNEFXeWlnVHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDDh1QVlLmgKZASF0eGFUWFE6XQIsTTZCbFFFZ0FDZ0FNETWIUEFfT2dsQlRWTXpPall3TnpOQXhVUkp1MzdCYnRpMjdEOVINgBBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPDJOEQ4LtgCAOACi-RF6gKZAWh0dHBzOi8vZXh0cmEuZ2xvYm8uY29tL2Vjb25vbWlhL25vdGljaWEvMjAyMy8wOC9lc3BuLXZhaS1jcmlhci1tYXJjYS1kZS1hcG9zdGFzLWVzcG9ydGl2YXMtZW0tYWNvcmRvLWNvbS1yZWRlLWRlLWNhc3Npbm9zLW5vLXZhbG9yLWRlLXVzLTItYmlsaG9lcy5naHRtbPICEQoGQURWX0lEEgc1ODk3Njkx8gISCgZDUEdfSUQSCHH5ARUIBUNQASgACXX4PPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFhBAc3iYIA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cFQoIU1BMSVQBTRnZ8JqAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APKpU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTk1LjIwNi4xMDUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQPMTE4MzMjQU1TMzo2MDcz2gQCCAHgBAHwBPuW4dcBiAUBmAUAoAX______wEFGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBZqeBPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBvmPAdoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB4H0BdIHDRVlASYI2gcGAV6gGADgBwDqBwIIAPAHgfYMiggCEACVCAAAgD-YCAHACADSCAYIABAAGAA.&s=259e30cf4568eb76fd68659897f0dabfbcce28d4&bdref=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml,https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml,https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
an-x-request-uuid
e0089409-bff2-4a8e-805d-07aebf860802
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 383A 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
v2
id5-sync.com/gm/ Frame 8867 		276 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
fcebab7040425d78144e6f64230bc8bc0530ff8ee94bcaf5ca73c6bb6d523460
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ECFA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132161
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 7696
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=3924388147102839183918
43 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=3924388147102839183918
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:05 GMT
Etag
e30acaa57d00effe
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=3924388147102839183918
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 96DD 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 8ECE
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1695261485988
  • https://ad.turn.com/r/cs?pid=45&rndcb=5271108355
  • https://sync.1rx.io/usersync/turn/3738334591507536300?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-c4479bd1-9d2e-44e9-b2c2-8...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Server
Adtelligent
Etag
e30acaa57d00effe
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc4479bd19d2e44e9b2c288384286ff10003
content-type
text/html
csync
sync.spotim.market/ Frame 8ECE
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=9ba67081-c100-434f-858e-7e767f3434ec
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=9ba67081-c100-434f-858e-7e767f3434ec
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:05 GMT
Server
Adtelligent
Etag
e30acaa57d00effe
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=9ba67081-c100-434f-858e-7e767f3434ec
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
sync
visitor.omnitagjs.com/visitor/ Frame 8ECE
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=e30acaa57d00effe&name=OPENWEB
49 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=e30acaa57d00effe&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=e30acaa57d00effe&name=OPENWEB
Date
Thu, 21 Sep 2023 01:58:05 GMT
Server
Adtelligent
Etag
e30acaa57d00effe
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 6E66 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=undefined&cb=1695261485694&uv=3341&tms=1695261485694&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vD!ul3342_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=424acf55-9663-46d1-913d-ae6a047c0de6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 6E66
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=undefined&cb=1695261485694&uv=3341&tms=1695261485694&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vD!ul3342_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=424acf55-9663-46d1-913d-ae6a047c0de6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38381

Redirect headers

date
Thu, 21 Sep 2023 01:58:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
content-length
0
v2
id5-sync.com/gm/ Frame 139E 		276 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
2a9afaa01916ac083e2db36ea08ecb58e1faaa1e9052215472d333f69c1c667a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_4_1/infra/ 		881 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
12a894204a5610001032f9a8e347e0cb760abb93f761c8123ab1cd98d972a59c

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695114240
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
AQ4CTPDT6KMFA7HX
age
147108
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695114241
x-amz-meta-mode
33188
content-length
147316
x-amz-id-2
WesLJrTOw1tuJk97C6gf8/rY2Evba6yVDSdsblCuLtlne41Hs69+jaOoG/OMMhbbKSN80+xD4jI=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 19 Sep 2023 09:04:02 GMT
server
AmazonS3-br
x-timer
S1695261486.943735,VS0,VE0
etag
"c4b5725ca52c7e3ae7fadf0f1d504870"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
10815
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_4_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_4_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.3.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695114259
date
Thu, 21 Sep 2023 01:58:05 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
KPEQB8YMQQ40GS5G
age
147108
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695114260
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
1mbUKDEtfuX3yOg2Rmz/FHqzgrV1C5D3WgCmpJ20AxcZ/bkOKT5kNlwIxHopr/Kik4FvJ2oaRLI=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Tue, 19 Sep 2023 09:04:21 GMT
server
AmazonS3-br
x-timer
S1695261486.946713,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
99842
getuid
eb2.3lift.com/ Frame 111A 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:05 GMT
ecm3
s.amazon-adsystem.com/ Frame 9F0A
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=288fb196025e166b&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAH9u2Vzacs-gNpQnLkAAAAAAA&expiration=1695347885&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAH9u2Vzacs-gNpQnLkAAAAAAA&expiration=1695347885&is_secure=true
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VWNNYRMYM7F6V6P9WPKC

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAH9u2Vzacs-gNpQnLkAAAAAAA&expiration=1695347885&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6020
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7M0KVG7MH6BK5879K8C5

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
df45bd24-829a-4015-a5c1-eca5b136f883
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:05 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=7078119663561859382&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
getuid
eb2.3lift.com/ Frame C860 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-sharethrough_n-onetag_cnv_n-nativo_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:05 GMT
generic
match.adsrvr.org/track/cmf/ Frame 49F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEBVJmLpFoKTllBKQtH85D6Q&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEBVJmLpFoKTllBKQtH85D6Q&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=e613c9023dc8ec0b0b69d93dad5b8930&uid=e613c9023dc8ec0b0b69d93dad5b8...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWkdIt1z2q06Qbe8bxW3JRuxJSnlRxGS-8zc26oCqqrVafGZxV4uSeCCdzFRXwP99HwiEW-D_qgKYHLcewlBcrHTxWMhA
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Last-Modified
Thu, 21 Sep 2023 01:58:06 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=admans&ttd_tpi=1&gdpr=1&gdpr_consent=
Cache-Control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection
keep-alive
Expires
Mon, 28 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 49F1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWkdIt1z2q06Qbe8bxW3JRuxJSnlRxGS-8zc26oCqqrVafGZxV4uSeCCdzFRXwP99HwiEW-D_qgKYHLcewlBcrHTxWMhA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/editoraglobo-extra/log/3/ 		0
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-extra/log/3/bulk?tvi2=-2&tvi48=9002&tvi50=10882&route=AM%3AIL%3AV&lti=trecs&bulkSize=8
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
70
date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
62187
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1695261486.983412,VS0,VE70
content-type
image/gif
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
visitor.omnitagjs.com/visitor/ Frame E0F0
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LMSIWYU5-1Y-417D
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LMSIWYU5-1Y-417D&name=RUBICON&gdpr=0
49 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LMSIWYU5-1Y-417D&name=RUBICON&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LMSIWYU5-1Y-417D&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 8A8D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 8A8D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38066

Redirect headers

date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
content-length
0
khaos.json
token.rubiconproject.com/ Frame 279E 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usync.html
eus.rubiconproject.com/ Frame 8584 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=undefined&cb=1695261485694&uv=3341&tms=1695261485694&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vD!ul3342_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=424acf55-9663-46d1-913d-ae6a047c0de6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:06 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		359 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125909
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B67 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5369611794210&version=m202309120101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B67 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5369611794210&version=m202309120101&ct=77&x=13&cor=16302050988041155000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2B67 		32 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZK6BAG-g4yL4J4zggQ7_NW7NxJjh3xEf8T7cxuwYGXcAhVNpuGbTgsN4nKX1zYVcY-gxvk88-Vp-8Qikml9INfXSDdtXC2hgbxP0t_L-I4UCWfMJzjZ1BMgH-zuvv_OWzIx9eQIOy8M3pPcTETaL_bYtvzglv03u1vnRWHBhPXmA0Qgg&cry=1&dbm_d=AKAmf-B3a_cXPMqTQD4mBznCVDcR8tfZcTwNZMNwBQqmIuL55xX-5vIqUkRXmrWpOUzKhZqvTPqC54c3IwT4BHaPgI16OjeojuJsJeRG26w_2w1TXuSGY-UBE0d4tCoeDDAuiN2fl4cro6jBm8ZhbVhQyllB9QqsYVgDbgvZt5qI7j-VEIBneniE8RaGE4z22hgneGue0IZ5CKsWB5bXOPQy7pH7_s8f4OAf05igB8jQfTEnI9uKV1L_awmF_6gOVhmAGAO99vxf3bK7xvimWRVErEOKYqAaiVpcuanUlgyJv5874T0PKQdLCJbR-b3HbjnBwTexm9jxLij3j0FurBdJgoSSW9YBFENZqO3WiFOxmIIWY2szBaiANMO9rK4XRuPyzy3InmnhxBOZaQDFIV34rhRV2kpxK_hU_3i1KLguf9_qzHaZNLatYmEyZ48ZttqsAwiO8FPSQl9OXG84gcoOE5AZkTRBXXYMDr4Io9MB9-SOC0uzbjQovn_0epceQxVfX_L-oabmyl9slvkTv7LX5Za59bmZi18wtH1Hs1SezADI_P5wlraJMYN60rad5_W4e65wRUtIa_kEeXP9s72uiSBLe88qIjxJ9WJLgwtaS_1m0H6og2pExmLAqS-eDIxeiswVyJlOnbdmKZ4G-eJyD7_91n581d_EutOiHFDrt6iKYXhXLAsrXqKoAUCgSdzJ5YA8TZy9g-0Li3cr6-RXmRJUzgq_mmno5RPBxyxGjX8cv8pLCljZkZnfej7A968CzY6kRkzvvWw-ZeOSgicAVRH2Gl9sbwX67XYT4SCy1I0yxbU-btnOWNq6qJseCFSdPrUluRqNUIsO_Xz9J7lgqAPUY5KjX4d_F9pQgztwhL5X7SM0KwzEAvac3cGMD9hGszxNPIwdUUtQtoR8H84gicy5Srjz4QK9Rk9JrfzueukQSEmqwzo3JuoyCP-rRfBqJw0c-5blqQhT7-jtLGZ8PpwUvWvBD-O9U9O47Ve4CB2coaiM_ClX5T0Cw-a2n4_UxHFMzmEeyAmUDtBv5_veomWRscORYnsZcT6rBegaUOPk_gAueWB_33xUu5J8o4yc-owTqD8WJe8KGQl-xJH5h_MhkJedbfOMTVuwFiRA5RSLaoORBjmai7UEwmsSyVZ5Kv7o6hEfoD-xnDnJxVigXvUCfnaXlYlDuu6LPJvoAZVp5veLeaMxaG-EgyFGiTtZ-58ND-XOKzUNTyx009_SBJq0kdzwZqDdEs3mufNs1Xn_gCUW5KtDr4FTKKN47a4R-NEmvNqTT7-Q5oxFz1vdsJYbi8ykboUat3JnSIXZTazDLebOeHkVm012Zc02yd1jzRA9ZyruKRYXgYM8LsdkzbGxm6SdXV0ndYckBHRTFVJqlHmxiWRf3M74-Gq4o7P8AZugX-SFMb_meeWQK8m5USTzi-nBIsrLBYRcTc1ga3l3BSadckpD9jx9qZvml7eHp2UvJm0-UofxJso1nBSZLkPPaMuiBH3rJn6qzerxzvYnSlkJ8ADDjkJNowev9i8MhJmCCsSx28N37DlRyY53W1jQwLjhxMja5P1GPcVyM_sSL21Qbyk19BRKLPH-0-kZ9n8LCwpuI7J1cgVYXbsTP9WozAePHfrmZint3yst00jijMHjsPCCsY6ViZBWCofsQMXAfLEY79cG2fTMP2sCEOA1KsMrAWRqVVja4gO2SVwbN8dcSpquFff5aCb8pVIVPjb6Ca_u01vQ0zoc1L0YAaLiP97ET8LMFP0wO41wsGD94V3iMwEndlNLIQAfFdAFrUHRcHeBAadq203o27KGZmvbTq4qidmsUdL8nbmVMTVwiO5_D1prXlTpvn8aPUfU36_UDwUgZU-eh2jXybf1A3I2ipc5efrVtWwnmhBeagUwqrrETErsS1LpkkMqPnbHYhN43zq95g2NtRmshjdWIh-XHPGI7DXgZ4heAwdvIKLZDqAuInIkSd7KHu1qvyjEE34E_cZDavgo0b3LUQ2etusBOP12yZGcDzXvuk3fs-m8Ah1VE1_1utZxs6zOwOJBvqJUx2SMLmfbbKe166mSH0fXioHfc3V5tt3O2o3RGUt8lO1Pu8kifDnn0wTRDor2DZozQFC3K0vwaNNotvZESgBXmaW-fV6a9SHpYN1Nrn8OZOJY2F485TqxTaa0BMbPHL036u9MbWiQkMat0kM8-hFWMR6rf7P7tCHuPzVFkiQ_iOWeEhHP9fotMTylWaiwKc9yzrI-0vi0kOasihd14bEdaJck5aGZiEGN7maT1j8pxchpftzsFmFlF_WhxcjMPx7FXyqPTarHUvZ3NlrUAn_Y5UPPTi5A-_3L7346DXlz1EgA8MdjYiWy2WY8i3vi3CXolNqzc9GQ3xbmZuJipJgWQAbztiVh4QiiPHmeBt4K6aWqO7-etBRy9zgDfTqvm_dyIPXdNVzj0uV1e7Meu_VjYSvrSiv9q70FsMQAw0qf8yFO9iOhY_1K5xiWj_SGKtjj-DtAj44GvV1PSMX9chRzzPCuS7Nrv7RX_PtCFgx6Q5BzYPOa2-eX15Iu8ng4fRa-GzmknVdYkWtPTA1ubxvj4blho-ZtaBOpl3rS3q6UqvkqP2F8y2dZUcGgEPrfwF0wbp2HEzMlkTo147WhNj9JUTv-oguXn0R7K_S8donhxLUh2nQDjSZhrOxWJqUVAxJEp2-5tbKXLJ0-dIP9CU3u00lzIoC_WpVefbqlBSYRR3LLur3j2_ZHtH_4DH1tfgSV2awc1gIeDkLDRuzSaSNcYnvQ3MsJr2rvZa6m3WRsFkIahs-CSdxsPzheNHA5Prk8kyDN2h56kb73AZmvFZycOrxr-YOnAbVpf3mcpJ-YyqQ61niyjIpF1xO2GxrM7c8thNSO-Qhk5qLvPFc8m-IKCM6YZyVZcxWcCL45WoTWiJRTf3tq9D_3ypidNh9Fsfq0e8HNggtHTpvoxKXnN6yujRofLCUphAKrO9BMqDF4Vk1zqsLWOBkqyvvTlZ_dKHZ30PkLXvXDEBzGUu08h9Mm5-4g4hXfVx0xHQsOpX4U_VQrM0Tx5pPZSiwVetoftuhUNk-2p449sbMpYJJumhZE26f--43IFZ7USDS_Rl-b0m6ThW7-lCKLg24l3PJifR8JFO8BBwKbCohXrrxx03-ioLdbj93Zqpi8Xvmp1lfiySbfPJyVMWCpUmz_u085DgWqML2jCtrEyjyLPd4rk2lu_XBjn6Ysaqw1Lwte8AS0Qxp7fEWtrjTWfhidqpByKbtBVvG9-_qDhAKPNcB0I0HQVR5emaVnIfL-dLHGFwkT6j801X0_S2ZlkH2R0AYHWegbhoo7LyxTDaEsdkg8hTtFqvU3c210J0qBIjTY9ckJ4V-a-uoQVZmHhfd27tB7jwsgjOJ4VgavFIUMDizxetaZ0PnBsVDvC_87xGRHEgCRrtAAHC3Xty9qxcALyWnsRMH-vm3GOY8hxcd9Ck-NvB9THFjI2dRJW5v7b2ipRpMe3tD4edt4reoSF87_lZr3YA0RKzr1lj5-KeSfZhwquad8PxWWd3zPHOy46dlkuKHNlVEOcK_C15YL9qqZdRFiwYfOxj_Yl3n5_qiQnFloupetmPGPdjqUb0gVyWP7jRJM252Zz_CQq_hipBlbXXIvUowfTCUmXJlspN1h34cmlAy-JF-Riu1NcMSo3aS2YfEd47225ijwJSqBd3ljbvtoasHZU2Hsl3D0BmyCF6bYX4dHcoD7OnYs0ytq4ZZYfR-91r2Wz0v-M-wdXHMJ-G_vEeIixkJ8LPgjtkIlfTtEmBf6svPmYSHTZIluFJ9ZtJwX_OHtwOV1fzBahC8BH011bz_UmEnlEeKDel-fF0rXl7t_cDPP0CcxMLc_2dw8lcHSxeOBRAVSkQ73wgobWPcR8Y2Ej6QszNsObcrP4nxVOtMJiitacv1M-Uc4Iqk2UAnKRmDPeOO8R2hdqT1cd755rgKZcvzZ&pr=13%3AZQujLQAAAAD6R1P6VTA6HiWUisEYI7WxuQCtXg&cid=CAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fextra.globo.com&ds=l&xdt=1&iif=1&cor=16302050988041155000&adk=3221193007&idt=106&cac=0&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd7038f54929e0100a5d49aad8dec98f40cab8925d6cf48f3d4ea211cee761e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19388
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1C9A 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
an-x-request-uuid
6491097f-16cf-4f14-a739-1dcab8671ae7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 54B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=1323211802029662&rc=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
an-x-request-uuid
ebafe22d-54b2-4de0-83c4-62f72c93a08b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0&gdpr=&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=146eb683-11fe-4cf7-a15e-4d8d30df69fc&expires=1&user_group=2&ssp=gumgum2&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame E78F
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28fW4eE_gk9WMt2_T49zGeQoSFPm8W8JxF-TQ-fZX9Cfg3l72srxt1eMg3EMvvDUd_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a3263899-2fa2-49aa-a5bf-714969814fec&obuid=ENC(fW4eE_gk9WMt2_T49zGeQoSFPm8W8JxF-TQ-fZX9Cfg3l72srxt1eMg3EMvvDUd_)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:08 GMT
Cache-Control
no-cache
X-TraceId
ce58fb6282b332a47c96886a3672eed2
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Thu, 21 Sep 2023 01:58:08 GMT
X-TraceId
842182a82be4a0ad48474a27d66ac3bb
Content-Length
0
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Date
Thu, 21 Sep 2023 01:58:06 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
content-length
0
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=14ae9f1f-538c-4255-aea4-d5256ae4ef41
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=14ae9f1f-538c-4255-aea4-d5256ae4ef41
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=14ae9f1f-538c-4255-aea4-d5256ae4ef41
Date
Thu, 21 Sep 2023 01:58:07 GMT
Connection
keep-alive
X-CI-RTID
a194e756-7927-4fe8-a22d-b4f775bb4acd
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame E78F 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:06 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-f59c96d6-9g5rb
expires
-1
usersync
usersync.gumgum.com/ Frame E78F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
date
Thu, 21 Sep 2023 01:58:05 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E78F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
81HWTF3BK9B15GTMDJFX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
an-x-request-uuid
17222adc-c424-4a48-8c2a-12dd20b719e2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=7078119663561859382
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a3263899-2fa2-49aa-a5bf-714969814fec&gdpr=&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=bdb1a6ae-b509-411e-b18a-c3587d91a86b&expires=1&user_group=2&ssp=gumgum2&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPlatform
sync.outbrain.com/ Frame DDF4
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Fnir9tTgv5BA76twkL5MBCDdZBkxMT5NTmJU6xf63xPI7Q4jCXAArmxY42DuW0U2%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a3263899-2fa2-49aa-a5bf-714969814fec&obuid=ENC(Fnir9tTgv5BA76twkL5MBCDdZBkxMT5NTmJU6xf63xPI7Q4jCXAArmxY42DuW0U2)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:08 GMT
Cache-Control
no-cache
X-TraceId
6a2ae745d3dc28ec61868dce025b209a
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Thu, 21 Sep 2023 01:58:08 GMT
X-TraceId
76fcc3713daa11fb375a33b0c1f7f4fd
Content-Length
0
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=55455b3e-508a-48f0-8979-ae8e363ff727
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-d52e9d16-d4d2-5779-4656-76ce448f9be7$ip$195.206.105.131
Date
Thu, 21 Sep 2023 01:58:06 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-NqwqndhE2pdRYl5YOZYm0cNEKq2W2npYQtJs~A
content-length
0
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=6a08188d-82e7-47da-8966-e52a9fad3bf9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=6a08188d-82e7-47da-8966-e52a9fad3bf9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=6a08188d-82e7-47da-8966-e52a9fad3bf9
Date
Thu, 21 Sep 2023 01:58:07 GMT
Connection
keep-alive
X-CI-RTID
f917f314-058f-49d5-9d04-804adccf4dfd
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame DDF4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a3263899-2fa2-49aa-a5bf-714969814fec&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=1b6e2241-4b10-4959-afd1-1387c727541d
access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:06 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=lIBltm0HGXpD&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-f59c96d6-9g5rb
expires
-1
usersync
usersync.gumgum.com/ Frame DDF4
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=906539967438444046
date
Thu, 21 Sep 2023 01:58:06 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DDF4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_a3263899-2fa2-49aa-a5bf-714969814fec
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H44JVCDHWY8TWKGG0RNT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame EE16 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:06 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
  • https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAGosE7KF0YAABnKmyoZjw
Date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame E1B8 		42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.4.51.v20230217) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Cache-Control
no-cache
Server
Jetty(9.4.51.v20230217)
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncLKQD
  • https://cs.lkqd.net/cs?partnerId=6&partnerUserId=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=6&partnerUserId=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=6&partnerUserId=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
date
Thu, 21 Sep 2023 01:58:06 GMT
content-type
text/plain
csync
sync.spotim.market/ Frame E1B8
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://ad.turn.com/r/cs?pid=45&rndcb=2099360683
  • https://sync.1rx.io/usersync/turn/3738334591507536300?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-c4479bd1-9d2e-44e9-b2c2-8...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Server
Adtelligent
Etag
e30acaa57d00effe
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc4479bd19d2e44e9b2c288384286ff10003
content-type
text/html
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=f5e96277-db67-4937-a9cb-f717eef9b894&user_group=1&ssp=lkqd&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D288a0a7b-baec-457a-b3a8-f6f3afd79784%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=288a0a7b-baec-457a-b3a8-f6f3afd79784
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=13&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=40865a8c-397a-4ab6-86b1-61a24f3778ff
date
Thu, 21 Sep 2023 01:58:06 GMT
server
_
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame E1B8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
genericusersync.ashx
sync.tidaltv.com/ Frame E1B8 		0
0
us.php
gu.dyntrk.com/adx/lkqd/ Frame E1B8 		0
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5127801215003724970
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5127801215003724970
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5127801215003724970
date
Thu, 21 Sep 2023 01:58:06 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
genericusersync.ashx
sync.tidaltv.com/ Frame E1B8 		0
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZQujKwAR9Vc2rQAb
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZQujKwAR9Vc2rQAb
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

x-served-by
cache-fra-eddf8230116-FRA
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1695261486.433859,VS0,VE0
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=ZQujKwAR9Vc2rQAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=lIBltm0HGXpD&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=lIBltm0HGXpD&ev=1&pid=561322
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=lIBltm0HGXpD&ev=1&pid=561322
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-f59c96d6-9g5rb
expires
-1
464986.gif
idsync.rlcdn.com/ Frame E1B8 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=7beYp_ofopg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=N2JlWXBfb2ZvcGc
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAic8dZ9YEP0JFO2r8CuYpU&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAic8dZ9YEP0JFO2r8CuYpU&google_cver=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAic8dZ9YEP0JFO2r8CuYpU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=7beYp_ofopg&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662085148528352
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662085148528352
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
976
content-type
text/html
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662085148528352
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
809eb38228d42397-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partn...
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.lkqd.net/ Frame E1B8
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=v
  • https://cs.lkqd.net/cs?partnerId=109&partnerUserId=20e766a60e&gdpr=0&gdpr_consent=
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=20e766a60e&gdpr=0&gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
location
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=20e766a60e&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
DLkDqoh5upaBI9aytUEwuFbhzQEQv8THjO8qXI9azcvhOPfH3ZMpNQ==
view
securepubads.g.doubleclick.net/pcs/ Frame B062 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyrVjozE8qNL87S-6sJw_pAUfwjAG4onu6LsdAjiw_-INoue1NRkzqjcRtzsbeonaMqpErKQPNefXIH0J-6MuT3OzlHeDstnLWWhvPhkFmEZFrLBIzo-spWcHoud7j9zXnuswGb_NHG20_vAdcQWaipVRxH7E2mcLlmOJQAlNCwJUUf9Kq8b6Jq6C2CUBB2CPI6VYqXwKmM2und4Pg0gU8Pd6ETqEgQcstmP9xQumoNrJNdQ9oPst9eTcktLWRvoyvIkK9xXBfJxkdNF1AXfkXu8-xfdsMvAZ-NILTnzRQNNv4KKKEtry_oI6gfUUO5zfFEGEbFvk94SZM3MIQW0TcEKc4r3GQkMOzX_2g&sai=AMfl-YRuA8HZxDzI4d8UlWMGWRbMisylfG3KFpZfaJiJMpKazl_xxfgKA4FmR9e6a4Yn2825_wWymF53pHLcKxKWxhJhqF0ceefFyAbkBXnYP36voRcqcQ0hHACTHJyen18&sig=Cg0ArKJSzJlzzcsEBRKDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 21 Sep 2023 01:58:06 GMT
truncated
/ Frame B062 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e26d8d1565c0931009d287165fbb7ebf789672939f499885e2cbf050ef2ed38

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame C120 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309140101&jk=2466964896509682&rc=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
appnexus-html5-lib.min.js
acdn.adnxs.com/html5-lib/1.3.0/ Frame 5FD4 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/html5-lib/1.3.0/appnexus-html5-lib.min.js
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Mon, 31 Oct 2022 06:00:23 GMT
Date
Thu, 21 Sep 2023 01:58:06 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
71196
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
2930
X-Served-By
cache-lga21976-LGA, cache-fra-eddf8230020-FRA
Last-Modified
Tue, 31 May 2016 15:39:23 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1695261487.503977,VS0,VE0
ETag
W/"574db02b-2499"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
49997, 2531
81ec2054d6c4aea9ff75a041b7bcf869.png
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/81ec2054d6c4aea9ff75a041b7bcf869.png
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
1542823f030453a41535fc240c010a0277b05f9999340d8a0ab96e241458b71c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
7affa671-6bee-4cbf-95be-c7a5cb499938
ETag
"9d4242b18514d9f0d0efedab56151bd7"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Clv-Request-Id
7affa671-6bee-4cbf-95be-c7a5cb499938
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10515
X-Clv-S3-Version
2.5
Expires
Sun, 05 Nov 2023 01:58:06 GMT
2e892d5ff9a7bcc480fdc999cb22b563.png
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/2e892d5ff9a7bcc480fdc999cb22b563.png
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
741a7f8b5f083c607886fde34eb487eb4805c55dbe295ed830647e8ea2b05762

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
37f7072b-3dcc-4ddf-abea-1dd3162031a3
ETag
"96ec626615057ab429b230c3bb576502"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Clv-Request-Id
37f7072b-3dcc-4ddf-abea-1dd3162031a3
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1581
X-Clv-S3-Version
2.5
Expires
Sun, 05 Nov 2023 01:58:06 GMT
54e5d4a2d423b2acde8d4a7442a4e6c8.png
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/54e5d4a2d423b2acde8d4a7442a4e6c8.png
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
0f5c2d956e369cdbc5e041ad4436bc88a19a6fb8d56b1fc43e100a9428555ed3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
257d8f7d-05ca-414e-a1c4-a71216aea40a
ETag
"ed174792b42fb850f0353521d78b97e6"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Clv-Request-Id
257d8f7d-05ca-414e-a1c4-a71216aea40a
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4682
X-Clv-S3-Version
2.5
Expires
Sun, 05 Nov 2023 01:58:06 GMT
6c32365b34d60d34fb1cf75252d27172.png
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/6c32365b34d60d34fb1cf75252d27172.png
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
25f442ef2f735494321136342c158d1661deb11b1c0924c7e4a2e5d43fb353fc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
931f2851-1fbc-48e8-b8f1-8cf76ddbdd86
ETag
"054803119d713f68f8e131b2615a7dd2"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Clv-Request-Id
931f2851-1fbc-48e8-b8f1-8cf76ddbdd86
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3035
X-Clv-S3-Version
2.5
Expires
Sun, 05 Nov 2023 01:58:06 GMT
f4b92ef1c38a46fbbd5193d7240b132e.png
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/f4b92ef1c38a46fbbd5193d7240b132e.png
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
1adf93cdb20979390e5dfad4efb3f17e307f94e3d4dca70588d43423ef696adb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
301a1a48-f346-47d3-bb0f-a1c97e9542c1
ETag
"7289999d6dbad9c6ca8f0c24e9031420"
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Clv-Request-Id
301a1a48-f346-47d3-bb0f-a1c97e9542c1
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1569
X-Clv-S3-Version
2.5
Expires
Sun, 05 Nov 2023 01:58:06 GMT
171eb163a40940cf442d1e03c7b8f0a6.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/171eb163a40940cf442d1e03c7b8f0a6.svg
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
23c84f6383cabfceb3842205618dad669d06fff91d31d9bcb63a3584141de4be

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
f0639c8c-04b3-41d3-a3a4-3cc74a4c5edb
ETag
W/"171eb163a40940cf442d1e03c7b8f0a6"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Clv-Request-Id
f0639c8c-04b3-41d3-a3a4-3cc74a4c5edb
Cache-Control
max-age=3888000
Connection
keep-alive
X-Clv-S3-Version
2.5
Content-Length
2719
Expires
Sun, 05 Nov 2023 01:58:07 GMT
6c9dc1c8d60dc355c7c03b6fafa63fc7.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		420 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/6c9dc1c8d60dc355c7c03b6fafa63fc7.svg
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
c2932d2940db4792419b6ca2caf5923d64eba7e4d5c0f9afa0d04e563454c696

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
2d634faf-fcdb-488a-b9ed-45f5be1facec
ETag
W/"6c9dc1c8d60dc355c7c03b6fafa63fc7"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Clv-Request-Id
2d634faf-fcdb-488a-b9ed-45f5be1facec
Cache-Control
max-age=3888000
Connection
keep-alive
X-Clv-S3-Version
2.5
Content-Length
290
Expires
Sun, 05 Nov 2023 01:58:07 GMT
f17b028e4192fb18d61eb06c9d5fd656.jpg
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/f17b028e4192fb18d61eb06c9d5fd656.jpg
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
41f45d7390eefcb237f44c1076020c8e5053973dba260bc88af47f4d802922b8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
76a5b5e0-729f-413d-abdb-361db855f451
ETag
"ec06ad721a7513965e29e2bac07a20c7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
76a5b5e0-729f-413d-abdb-361db855f451
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7455
X-Clv-S3-Version
2.5
Expires
Sun, 05 Nov 2023 01:58:07 GMT
fdd291cc14bc36015371ce7286329cfd.svg
crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/ Frame 5FD4 		299 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/images/fdd291cc14bc36015371ce7286329cfd.svg
Requested by
Host: crcdn01.adnxs-simple.com
URL: https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
0a7b362fdc278d023dc0517c49ba607dafaefeee54c748ce26a30c96aab55cfd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://crcdn01.adnxs-simple.com/creative/p/11833/2023/7/18/48369116/index.html?clickTag=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKbAfBDmwAAAAMAxBkFAQirxq6oBhCB3rzjhsP--UsYtsK_gtKKop1iIMvsyAoo1kQwuVw4AkD7luHXAUjOgZUBUABaA1VTRGIBBcho2AVwWniJlLABgAGB9AWIAQGQAQGYAQWgAQKpAQgSKG8KMNM_sQExSoYa2nbIP7kBAAABAmz0P8EB9nKfHAVI2z_JAWeWBKipZeU_2AEA4AEA%2Fs%3Db8ece8fce8f55a38cf97c7ea3327ff82048c01bb%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaTXQjA8LwZEPuW4dcBGM6BlQEgACgAMQAAAAAAAPA_OglBTVMzOjYwNzNAxURJu37Bbti27D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAAAABpAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DMTE4MzMjQU1TMzo2MDcz%2Fbn%3D96769%2Fclickenc%3Dhttps%253A%252F%252Fshow.sky.ch%252Fde%252Fsubscription%252Fserien%252F86373%252Fthe-rookie%253Futm_source%253Dprogrammatic%2526utm_medium%253Dbanner%2526utm_campaign%253DXD-CH-de-SK_The_rookie%2526utm_term%253D7437477_18487615_276438055_452479867_728x90_22165067_8790%2526utm_content%253DThe_rookie_juillet23_DE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jul 2023 12:38:48 GMT
Server
nginx/1.21.3
x-amz-request-id
5b40eadd-5413-44da-bad4-8482857bb814
ETag
W/"fdd291cc14bc36015371ce7286329cfd"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Clv-Request-Id
5b40eadd-5413-44da-bad4-8482857bb814
Cache-Control
max-age=3888000
Connection
keep-alive
X-Clv-S3-Version
2.5
Content-Length
195
Expires
Sun, 05 Nov 2023 01:58:07 GMT
usync.js
eus.rubiconproject.com/ Frame 8584 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35660
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
ev
s.seedtag.com/e/ 		0
14 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
PugMaster
image6.pubmatic.com/AdServer/ Frame ECFA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=17160691&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ef50ac66874936d6715c0274f054dba94ad63f7ae3ec139ace1574b2fd6ac0a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Sep 2023 01:58:05 GMT
content-length
1972
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 442D 		972 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=95877795&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2f46f618f9ab814abd20007b90755185dfc17a7e67fc9661e7c05d98045d7790

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Sep 2023 01:58:05 GMT
content-length
972
content-type
text/html; charset=UTF-8
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 21 Sep 2023 01:58:06 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
12635
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1695261487.614401,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1386
wl
t.pubmatic.com/ Frame 139E 		17 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
usersync
rtb.gumgum.com/ Frame 162B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
  • https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
wl
t.pubmatic.com/ Frame 8867 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4983/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
/
adx.adform.net/adx/ Frame 6905 		65 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://extra.globo.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ Frame 6905 		65 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://extra.globo.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
vevent
ams3-ib.adnxs.com/ Frame B062 		0
664 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&e=wqT_3QKVDOgVBgAAAwDWAAUBCKvGrqgGEIHevOOGw_75Sxi2wr-C0oqinWIqNgkIEihvCjDTPxExSoYa2nbIPxkAAAEC8En0PyH2cp8cBUjbPylnlgSoqWXlPzEAAACgmZnJPzDL7MgKONZEQLlcSAJQ-5bh1wFYzoGVAWAAaImUsAF4gfQFgAEBigEDVVNEkgUG4JgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAml1ZignYScsIDU4OTc2OTEsIDApOwEULGknLCA3NDM3NDc3LBEULGcnLCAxODQ4NzYxNRUVLHMnLCAyNzY0MzgwNRkWLHInLCA0NTI0Nzk4NglB8LCSAtkEIUxuYjVwZ2pBOEx3WkVQdVc0ZGNCR0FBZ3pvR1ZBVEFBT0FCQUFFaTVYRkRMN01nS1dBQmdfZ0pvQUhBQWVBQ0FBUUNJQVFDUUFRR1lBUUdnQVFHb0FRR3dBUUM1QWM0TjE5MHpNLU1fd1FIUjhkYS1wV1hsUDhrQkFBQUFBQUFBOERfWkFidC13VzdZdHV3XzRBR2wtY1VEOVFHYW1aa19tQUlBb0FJQnRRSUEBMwh2UUkBB_BMQXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTU9DSkdBZ2lNUUFSZ0NMWnFabVQtaUF4Y0luNXVvSXhBQ0dBRXQFUXRESUhaR1ZtWVhWc2RLSUREZ2lSZ0lJakVBc1lBaTIFjMB1Z01KUVUxVE16bzJNRGN6NEFQRlJJQUUyWmppQzRnRTI1amlDNUFFQVpnRUFjRUVBBVkBAQhESkIBBw0BGDJBUUE4UVENDlBBQUFJZ0Z1Uy1ZQmFlNDZJTUJxUVUBFiBBQUFEd1A3RUYBCgkBCERCQgE3HEVBek1fTV95LigAADkyKAAAWgUoAQHAUEFfNEFXeWlnVHdCYi15NkFqNEJkdjc1d0tDQmdORFNFYUlCZ1NRQmdHWUJnQ2hCZwE1BEFBATggcUFZRXNnWWtDAXQNAQBFHQwARx0MAEkdDDh1QVlLmgKZASF0eGFUWFE6XQIsTTZCbFFFZ0FDZ0FNETWIUEFfT2dsQlRWTXpPall3TnpOQXhVUkp1MzdCYnRpMjdEOVINgBBBQUFCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQEQQjRBSWs1gPSbAThEOC7YAgDgAovkReoCmQFodHRwczovL2V4dHJhLmdsb2JvLmNvbS9lY29ub21pYS9ub3RpY2lhLzIwMjMvMDgvZXNwbi12YWktY3JpYXItbWFyY2EtZGUtYXBvc3Rhcy1lc3BvcnRpdmFzLWVtLWFjb3Jkby1jb20tcmVkZS1kZS1jYXNzaW5vcy1uby12YWxvci1kZS11cy0yLWJpbGhvZXMuZ2h0bWyAAwCIAwGQAwCYAxegAwGqAwDAA9gEyAMA2APKpU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTk1LjIwNi4xMDUuMTMxqAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA0gQPMTE4MzMjQU1TMzo2MDcz2gQCCAHgBAHwBPuW4dcBiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFmp4E-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBvmPAdoGFgoQAAAAAAAAAAAAAAChc3gAEAAYAOAGAfIGAggAgAcBiAcAoAcByAeB9AXSBw0JBSMAAAkmDNoHBggJL7QHAOoHAggA8AeB9gyKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=9349789af3f63edd7e70e1c4884e9fe10f8c3882&type=nv&nvt=5&jm=1003&px=436&py=3221&bw=728&bh=90&sid=2689056551771066752&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22165067&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=7154&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
an-x-request-uuid
08a3535b-5a90-4931-b965-156d0527b1ac
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EE16 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35660
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame B1AA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 13:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
44112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 13:42:54 GMT
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame F8C4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 13:42:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
44112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 13:42:54 GMT
usersync
usersync.gumgum.com/ Frame 4EAC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230116-FRA
x-timer
S1695261487.856458,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4015 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9lNTEwMmM4YS1kYjEzLTRkMWYtOTZjMC0wZjg5MmFkZDBkYzA=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7BB8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132160
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 2D1F 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:06 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 2D2D
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XYAAEBQkEoAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XYAAEBQkEoAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 01:58:07 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XYAAEBQkEoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40156.dc2p.scaleout.jp
X-SO-IP
195.206.105.131
X-SO-Key
ZQujL8Co8XYAAEBQkEoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.131","key":"ZQujL8Co8XYAAEBQkEoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40156"}
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40156
usersync
usersync.gumgum.com/ Frame B411
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_e5102c8a-db13-4d1f-96c0-0f892add0dc0&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=8853a951-6dbd-484a-99d0-982ac1e58488
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=8853a951-6dbd-484a-99d0-982ac1e58488
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=8853a951-6dbd-484a-99d0-982ac1e58488
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 3E1E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT Thu, 21 Sep 2023 01:58:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame C5DC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:06 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usersync
rtb.gumgum.com/ Frame 0D45
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
  • https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.35.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-35-108.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=1945593063401236011&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 6277
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZQujKwAR9Vc2rQAb&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230116-FRA
x-timer
S1695261487.873304,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame CE2F 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hMzI2Mzg5OS0yZmEyLTQ5YWEtYTViZi03MTQ5Njk4MTRmZWM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D172 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132160
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:06 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 9F5D 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:06 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame C238
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XkAAGUZh3AAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XkAAGUZh3AAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 01:58:07 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZQujL8Co8XkAAGUZh3AAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
m-ad421.dc4p.scaleout.jp
X-SO-IP
195.206.105.131
X-SO-Key
ZQujL8Co8XkAAGUZh3AAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"195.206.105.131","key":"ZQujL8Co8XkAAGUZh3AAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad421"}
X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad421
usersync
usersync.gumgum.com/ Frame 2255
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=e_a3263899-2fa2-49aa-a5bf-714969814fec&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=e52f791e-e6c7-4c00-a345-1c6e3772b0cd
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=e52f791e-e6c7-4c00-a345-1c6e3772b0cd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=e52f791e-e6c7-4c00-a345-1c6e3772b0cd
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 830F
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT Thu, 21 Sep 2023 01:58:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=yUyoNLW9ZHw7nDJpwtS0&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame CA10
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:06 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:06 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
khaos.json
token.rubiconproject.com/ Frame 8584 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:06 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
seg
secure.adnxs.com/ 		0
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=32239871&t=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
an-x-request-uuid
2a9deb70-4f8a-4c49-ae0a-ec85181bee38
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/ Frame 2B67 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230918/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZK6BAG-g4yL4J4zggQ7_NW7NxJjh3xEf8T7cxuwYGXcAhVNpuGbTgsN4nKX1zYVcY-gxvk88-Vp-8Qikml9INfXSDdtXC2hgbxP0t_L-I4UCWfMJzjZ1BMgH-zuvv_OWzIx9eQIOy8M3pPcTETaL_bYtvzglv03u1vnRWHBhPXmA0Qgg&cry=1&dbm_d=AKAmf-B3a_cXPMqTQD4mBznCVDcR8tfZcTwNZMNwBQqmIuL55xX-5vIqUkRXmrWpOUzKhZqvTPqC54c3IwT4BHaPgI16OjeojuJsJeRG26w_2w1TXuSGY-UBE0d4tCoeDDAuiN2fl4cro6jBm8ZhbVhQyllB9QqsYVgDbgvZt5qI7j-VEIBneniE8RaGE4z22hgneGue0IZ5CKsWB5bXOPQy7pH7_s8f4OAf05igB8jQfTEnI9uKV1L_awmF_6gOVhmAGAO99vxf3bK7xvimWRVErEOKYqAaiVpcuanUlgyJv5874T0PKQdLCJbR-b3HbjnBwTexm9jxLij3j0FurBdJgoSSW9YBFENZqO3WiFOxmIIWY2szBaiANMO9rK4XRuPyzy3InmnhxBOZaQDFIV34rhRV2kpxK_hU_3i1KLguf9_qzHaZNLatYmEyZ48ZttqsAwiO8FPSQl9OXG84gcoOE5AZkTRBXXYMDr4Io9MB9-SOC0uzbjQovn_0epceQxVfX_L-oabmyl9slvkTv7LX5Za59bmZi18wtH1Hs1SezADI_P5wlraJMYN60rad5_W4e65wRUtIa_kEeXP9s72uiSBLe88qIjxJ9WJLgwtaS_1m0H6og2pExmLAqS-eDIxeiswVyJlOnbdmKZ4G-eJyD7_91n581d_EutOiHFDrt6iKYXhXLAsrXqKoAUCgSdzJ5YA8TZy9g-0Li3cr6-RXmRJUzgq_mmno5RPBxyxGjX8cv8pLCljZkZnfej7A968CzY6kRkzvvWw-ZeOSgicAVRH2Gl9sbwX67XYT4SCy1I0yxbU-btnOWNq6qJseCFSdPrUluRqNUIsO_Xz9J7lgqAPUY5KjX4d_F9pQgztwhL5X7SM0KwzEAvac3cGMD9hGszxNPIwdUUtQtoR8H84gicy5Srjz4QK9Rk9JrfzueukQSEmqwzo3JuoyCP-rRfBqJw0c-5blqQhT7-jtLGZ8PpwUvWvBD-O9U9O47Ve4CB2coaiM_ClX5T0Cw-a2n4_UxHFMzmEeyAmUDtBv5_veomWRscORYnsZcT6rBegaUOPk_gAueWB_33xUu5J8o4yc-owTqD8WJe8KGQl-xJH5h_MhkJedbfOMTVuwFiRA5RSLaoORBjmai7UEwmsSyVZ5Kv7o6hEfoD-xnDnJxVigXvUCfnaXlYlDuu6LPJvoAZVp5veLeaMxaG-EgyFGiTtZ-58ND-XOKzUNTyx009_SBJq0kdzwZqDdEs3mufNs1Xn_gCUW5KtDr4FTKKN47a4R-NEmvNqTT7-Q5oxFz1vdsJYbi8ykboUat3JnSIXZTazDLebOeHkVm012Zc02yd1jzRA9ZyruKRYXgYM8LsdkzbGxm6SdXV0ndYckBHRTFVJqlHmxiWRf3M74-Gq4o7P8AZugX-SFMb_meeWQK8m5USTzi-nBIsrLBYRcTc1ga3l3BSadckpD9jx9qZvml7eHp2UvJm0-UofxJso1nBSZLkPPaMuiBH3rJn6qzerxzvYnSlkJ8ADDjkJNowev9i8MhJmCCsSx28N37DlRyY53W1jQwLjhxMja5P1GPcVyM_sSL21Qbyk19BRKLPH-0-kZ9n8LCwpuI7J1cgVYXbsTP9WozAePHfrmZint3yst00jijMHjsPCCsY6ViZBWCofsQMXAfLEY79cG2fTMP2sCEOA1KsMrAWRqVVja4gO2SVwbN8dcSpquFff5aCb8pVIVPjb6Ca_u01vQ0zoc1L0YAaLiP97ET8LMFP0wO41wsGD94V3iMwEndlNLIQAfFdAFrUHRcHeBAadq203o27KGZmvbTq4qidmsUdL8nbmVMTVwiO5_D1prXlTpvn8aPUfU36_UDwUgZU-eh2jXybf1A3I2ipc5efrVtWwnmhBeagUwqrrETErsS1LpkkMqPnbHYhN43zq95g2NtRmshjdWIh-XHPGI7DXgZ4heAwdvIKLZDqAuInIkSd7KHu1qvyjEE34E_cZDavgo0b3LUQ2etusBOP12yZGcDzXvuk3fs-m8Ah1VE1_1utZxs6zOwOJBvqJUx2SMLmfbbKe166mSH0fXioHfc3V5tt3O2o3RGUt8lO1Pu8kifDnn0wTRDor2DZozQFC3K0vwaNNotvZESgBXmaW-fV6a9SHpYN1Nrn8OZOJY2F485TqxTaa0BMbPHL036u9MbWiQkMat0kM8-hFWMR6rf7P7tCHuPzVFkiQ_iOWeEhHP9fotMTylWaiwKc9yzrI-0vi0kOasihd14bEdaJck5aGZiEGN7maT1j8pxchpftzsFmFlF_WhxcjMPx7FXyqPTarHUvZ3NlrUAn_Y5UPPTi5A-_3L7346DXlz1EgA8MdjYiWy2WY8i3vi3CXolNqzc9GQ3xbmZuJipJgWQAbztiVh4QiiPHmeBt4K6aWqO7-etBRy9zgDfTqvm_dyIPXdNVzj0uV1e7Meu_VjYSvrSiv9q70FsMQAw0qf8yFO9iOhY_1K5xiWj_SGKtjj-DtAj44GvV1PSMX9chRzzPCuS7Nrv7RX_PtCFgx6Q5BzYPOa2-eX15Iu8ng4fRa-GzmknVdYkWtPTA1ubxvj4blho-ZtaBOpl3rS3q6UqvkqP2F8y2dZUcGgEPrfwF0wbp2HEzMlkTo147WhNj9JUTv-oguXn0R7K_S8donhxLUh2nQDjSZhrOxWJqUVAxJEp2-5tbKXLJ0-dIP9CU3u00lzIoC_WpVefbqlBSYRR3LLur3j2_ZHtH_4DH1tfgSV2awc1gIeDkLDRuzSaSNcYnvQ3MsJr2rvZa6m3WRsFkIahs-CSdxsPzheNHA5Prk8kyDN2h56kb73AZmvFZycOrxr-YOnAbVpf3mcpJ-YyqQ61niyjIpF1xO2GxrM7c8thNSO-Qhk5qLvPFc8m-IKCM6YZyVZcxWcCL45WoTWiJRTf3tq9D_3ypidNh9Fsfq0e8HNggtHTpvoxKXnN6yujRofLCUphAKrO9BMqDF4Vk1zqsLWOBkqyvvTlZ_dKHZ30PkLXvXDEBzGUu08h9Mm5-4g4hXfVx0xHQsOpX4U_VQrM0Tx5pPZSiwVetoftuhUNk-2p449sbMpYJJumhZE26f--43IFZ7USDS_Rl-b0m6ThW7-lCKLg24l3PJifR8JFO8BBwKbCohXrrxx03-ioLdbj93Zqpi8Xvmp1lfiySbfPJyVMWCpUmz_u085DgWqML2jCtrEyjyLPd4rk2lu_XBjn6Ysaqw1Lwte8AS0Qxp7fEWtrjTWfhidqpByKbtBVvG9-_qDhAKPNcB0I0HQVR5emaVnIfL-dLHGFwkT6j801X0_S2ZlkH2R0AYHWegbhoo7LyxTDaEsdkg8hTtFqvU3c210J0qBIjTY9ckJ4V-a-uoQVZmHhfd27tB7jwsgjOJ4VgavFIUMDizxetaZ0PnBsVDvC_87xGRHEgCRrtAAHC3Xty9qxcALyWnsRMH-vm3GOY8hxcd9Ck-NvB9THFjI2dRJW5v7b2ipRpMe3tD4edt4reoSF87_lZr3YA0RKzr1lj5-KeSfZhwquad8PxWWd3zPHOy46dlkuKHNlVEOcK_C15YL9qqZdRFiwYfOxj_Yl3n5_qiQnFloupetmPGPdjqUb0gVyWP7jRJM252Zz_CQq_hipBlbXXIvUowfTCUmXJlspN1h34cmlAy-JF-Riu1NcMSo3aS2YfEd47225ijwJSqBd3ljbvtoasHZU2Hsl3D0BmyCF6bYX4dHcoD7OnYs0ytq4ZZYfR-91r2Wz0v-M-wdXHMJ-G_vEeIixkJ8LPgjtkIlfTtEmBf6svPmYSHTZIluFJ9ZtJwX_OHtwOV1fzBahC8BH011bz_UmEnlEeKDel-fF0rXl7t_cDPP0CcxMLc_2dw8lcHSxeOBRAVSkQ73wgobWPcR8Y2Ej6QszNsObcrP4nxVOtMJiitacv1M-Uc4Iqk2UAnKRmDPeOO8R2hdqT1cd755rgKZcvzZ&pr=13%3AZQujLQAAAAD6R1P6VTA6HiWUisEYI7WxuQCtXg&cid=CAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fextra.globo.com&ds=l&xdt=1&iif=1&cor=16302050988041155000&adk=3221193007&idt=106&cac=0&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
21648
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11585
x-xss-protection
0
server
cafe
etag
30886230758233217
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Oct 2023 19:57:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2B67 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZK6BAG-g4yL4J4zggQ7_NW7NxJjh3xEf8T7cxuwYGXcAhVNpuGbTgsN4nKX1zYVcY-gxvk88-Vp-8Qikml9INfXSDdtXC2hgbxP0t_L-I4UCWfMJzjZ1BMgH-zuvv_OWzIx9eQIOy8M3pPcTETaL_bYtvzglv03u1vnRWHBhPXmA0Qgg&cry=1&dbm_d=AKAmf-B3a_cXPMqTQD4mBznCVDcR8tfZcTwNZMNwBQqmIuL55xX-5vIqUkRXmrWpOUzKhZqvTPqC54c3IwT4BHaPgI16OjeojuJsJeRG26w_2w1TXuSGY-UBE0d4tCoeDDAuiN2fl4cro6jBm8ZhbVhQyllB9QqsYVgDbgvZt5qI7j-VEIBneniE8RaGE4z22hgneGue0IZ5CKsWB5bXOPQy7pH7_s8f4OAf05igB8jQfTEnI9uKV1L_awmF_6gOVhmAGAO99vxf3bK7xvimWRVErEOKYqAaiVpcuanUlgyJv5874T0PKQdLCJbR-b3HbjnBwTexm9jxLij3j0FurBdJgoSSW9YBFENZqO3WiFOxmIIWY2szBaiANMO9rK4XRuPyzy3InmnhxBOZaQDFIV34rhRV2kpxK_hU_3i1KLguf9_qzHaZNLatYmEyZ48ZttqsAwiO8FPSQl9OXG84gcoOE5AZkTRBXXYMDr4Io9MB9-SOC0uzbjQovn_0epceQxVfX_L-oabmyl9slvkTv7LX5Za59bmZi18wtH1Hs1SezADI_P5wlraJMYN60rad5_W4e65wRUtIa_kEeXP9s72uiSBLe88qIjxJ9WJLgwtaS_1m0H6og2pExmLAqS-eDIxeiswVyJlOnbdmKZ4G-eJyD7_91n581d_EutOiHFDrt6iKYXhXLAsrXqKoAUCgSdzJ5YA8TZy9g-0Li3cr6-RXmRJUzgq_mmno5RPBxyxGjX8cv8pLCljZkZnfej7A968CzY6kRkzvvWw-ZeOSgicAVRH2Gl9sbwX67XYT4SCy1I0yxbU-btnOWNq6qJseCFSdPrUluRqNUIsO_Xz9J7lgqAPUY5KjX4d_F9pQgztwhL5X7SM0KwzEAvac3cGMD9hGszxNPIwdUUtQtoR8H84gicy5Srjz4QK9Rk9JrfzueukQSEmqwzo3JuoyCP-rRfBqJw0c-5blqQhT7-jtLGZ8PpwUvWvBD-O9U9O47Ve4CB2coaiM_ClX5T0Cw-a2n4_UxHFMzmEeyAmUDtBv5_veomWRscORYnsZcT6rBegaUOPk_gAueWB_33xUu5J8o4yc-owTqD8WJe8KGQl-xJH5h_MhkJedbfOMTVuwFiRA5RSLaoORBjmai7UEwmsSyVZ5Kv7o6hEfoD-xnDnJxVigXvUCfnaXlYlDuu6LPJvoAZVp5veLeaMxaG-EgyFGiTtZ-58ND-XOKzUNTyx009_SBJq0kdzwZqDdEs3mufNs1Xn_gCUW5KtDr4FTKKN47a4R-NEmvNqTT7-Q5oxFz1vdsJYbi8ykboUat3JnSIXZTazDLebOeHkVm012Zc02yd1jzRA9ZyruKRYXgYM8LsdkzbGxm6SdXV0ndYckBHRTFVJqlHmxiWRf3M74-Gq4o7P8AZugX-SFMb_meeWQK8m5USTzi-nBIsrLBYRcTc1ga3l3BSadckpD9jx9qZvml7eHp2UvJm0-UofxJso1nBSZLkPPaMuiBH3rJn6qzerxzvYnSlkJ8ADDjkJNowev9i8MhJmCCsSx28N37DlRyY53W1jQwLjhxMja5P1GPcVyM_sSL21Qbyk19BRKLPH-0-kZ9n8LCwpuI7J1cgVYXbsTP9WozAePHfrmZint3yst00jijMHjsPCCsY6ViZBWCofsQMXAfLEY79cG2fTMP2sCEOA1KsMrAWRqVVja4gO2SVwbN8dcSpquFff5aCb8pVIVPjb6Ca_u01vQ0zoc1L0YAaLiP97ET8LMFP0wO41wsGD94V3iMwEndlNLIQAfFdAFrUHRcHeBAadq203o27KGZmvbTq4qidmsUdL8nbmVMTVwiO5_D1prXlTpvn8aPUfU36_UDwUgZU-eh2jXybf1A3I2ipc5efrVtWwnmhBeagUwqrrETErsS1LpkkMqPnbHYhN43zq95g2NtRmshjdWIh-XHPGI7DXgZ4heAwdvIKLZDqAuInIkSd7KHu1qvyjEE34E_cZDavgo0b3LUQ2etusBOP12yZGcDzXvuk3fs-m8Ah1VE1_1utZxs6zOwOJBvqJUx2SMLmfbbKe166mSH0fXioHfc3V5tt3O2o3RGUt8lO1Pu8kifDnn0wTRDor2DZozQFC3K0vwaNNotvZESgBXmaW-fV6a9SHpYN1Nrn8OZOJY2F485TqxTaa0BMbPHL036u9MbWiQkMat0kM8-hFWMR6rf7P7tCHuPzVFkiQ_iOWeEhHP9fotMTylWaiwKc9yzrI-0vi0kOasihd14bEdaJck5aGZiEGN7maT1j8pxchpftzsFmFlF_WhxcjMPx7FXyqPTarHUvZ3NlrUAn_Y5UPPTi5A-_3L7346DXlz1EgA8MdjYiWy2WY8i3vi3CXolNqzc9GQ3xbmZuJipJgWQAbztiVh4QiiPHmeBt4K6aWqO7-etBRy9zgDfTqvm_dyIPXdNVzj0uV1e7Meu_VjYSvrSiv9q70FsMQAw0qf8yFO9iOhY_1K5xiWj_SGKtjj-DtAj44GvV1PSMX9chRzzPCuS7Nrv7RX_PtCFgx6Q5BzYPOa2-eX15Iu8ng4fRa-GzmknVdYkWtPTA1ubxvj4blho-ZtaBOpl3rS3q6UqvkqP2F8y2dZUcGgEPrfwF0wbp2HEzMlkTo147WhNj9JUTv-oguXn0R7K_S8donhxLUh2nQDjSZhrOxWJqUVAxJEp2-5tbKXLJ0-dIP9CU3u00lzIoC_WpVefbqlBSYRR3LLur3j2_ZHtH_4DH1tfgSV2awc1gIeDkLDRuzSaSNcYnvQ3MsJr2rvZa6m3WRsFkIahs-CSdxsPzheNHA5Prk8kyDN2h56kb73AZmvFZycOrxr-YOnAbVpf3mcpJ-YyqQ61niyjIpF1xO2GxrM7c8thNSO-Qhk5qLvPFc8m-IKCM6YZyVZcxWcCL45WoTWiJRTf3tq9D_3ypidNh9Fsfq0e8HNggtHTpvoxKXnN6yujRofLCUphAKrO9BMqDF4Vk1zqsLWOBkqyvvTlZ_dKHZ30PkLXvXDEBzGUu08h9Mm5-4g4hXfVx0xHQsOpX4U_VQrM0Tx5pPZSiwVetoftuhUNk-2p449sbMpYJJumhZE26f--43IFZ7USDS_Rl-b0m6ThW7-lCKLg24l3PJifR8JFO8BBwKbCohXrrxx03-ioLdbj93Zqpi8Xvmp1lfiySbfPJyVMWCpUmz_u085DgWqML2jCtrEyjyLPd4rk2lu_XBjn6Ysaqw1Lwte8AS0Qxp7fEWtrjTWfhidqpByKbtBVvG9-_qDhAKPNcB0I0HQVR5emaVnIfL-dLHGFwkT6j801X0_S2ZlkH2R0AYHWegbhoo7LyxTDaEsdkg8hTtFqvU3c210J0qBIjTY9ckJ4V-a-uoQVZmHhfd27tB7jwsgjOJ4VgavFIUMDizxetaZ0PnBsVDvC_87xGRHEgCRrtAAHC3Xty9qxcALyWnsRMH-vm3GOY8hxcd9Ck-NvB9THFjI2dRJW5v7b2ipRpMe3tD4edt4reoSF87_lZr3YA0RKzr1lj5-KeSfZhwquad8PxWWd3zPHOy46dlkuKHNlVEOcK_C15YL9qqZdRFiwYfOxj_Yl3n5_qiQnFloupetmPGPdjqUb0gVyWP7jRJM252Zz_CQq_hipBlbXXIvUowfTCUmXJlspN1h34cmlAy-JF-Riu1NcMSo3aS2YfEd47225ijwJSqBd3ljbvtoasHZU2Hsl3D0BmyCF6bYX4dHcoD7OnYs0ytq4ZZYfR-91r2Wz0v-M-wdXHMJ-G_vEeIixkJ8LPgjtkIlfTtEmBf6svPmYSHTZIluFJ9ZtJwX_OHtwOV1fzBahC8BH011bz_UmEnlEeKDel-fF0rXl7t_cDPP0CcxMLc_2dw8lcHSxeOBRAVSkQ73wgobWPcR8Y2Ej6QszNsObcrP4nxVOtMJiitacv1M-Uc4Iqk2UAnKRmDPeOO8R2hdqT1cd755rgKZcvzZ&pr=13%3AZQujLQAAAAD6R1P6VTA6HiWUisEYI7WxuQCtXg&cid=CAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ&dv3_ver=m202309120101&rfl=https%3A%2F%2Fextra.globo.com&ds=l&xdt=1&iif=1&cor=16302050988041155000&adk=3221193007&idt=106&cac=0&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 22:35:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
184959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2024 22:35:27 GMT
match
c1.adform.net/serving/cookie/ Frame A208 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame E76D 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B499B7AD-7917-48EE-AC2C-59DD92D48E33&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
09P1EKHV2P2YZVGJH6HA
Pug
simage2.pubmatic.com/AdServer/ Frame 7896
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FXzjIUJ64SEOKONwQnj-dkAosXIOf-t0EXFSCPSw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
deb13730-5911-4131-8227-26e9313cdca0
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame E76C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7078119663561859382&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
3ea87939-6bce-434c-ba30-a8223cdb143a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7078119663561859382
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
sync
visitor.omnitagjs.com/visitor/ Frame 98DD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7281092644835424410&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
49 B
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
4

Redirect headers

content-length
210
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
location
https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
visitor.omnitagjs.com/visitor/ Frame DDC5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=1S6dFtTSV3lGVnbORI-b58POaYM&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
49 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
49
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3

Redirect headers

content-length
210
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
location
https://visitor.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bridge
cm.adgrx.com/ Frame 2BD8 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
ams-delivery-4.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
csync
sync.spotim.market/ Frame 4F22 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:06 GMT
Etag
e30acaa57d00effe
Server
Adtelligent
mw
mwzeom.zeotap.com/ Frame ECFA 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
809eb386ff75195e-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame ECFA
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B499B7AD-7917-48EE-AC2C-59DD92D48E33&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B499B7AD-7917-48EE-AC2C-59DD92D48E33&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B499B7AD-7917-48EE-AC2C-59DD92D48E33&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:15 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:15 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B499B7AD-7917-48EE-AC2C-59DD92D48E33&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame ECFA
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=c8146b70f3b088f8/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=686e9f91dffaf4c2e5263c4958081b60&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
B499B7AD-7917-48EE-AC2C-59DD92D48E33
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame ECFA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B499B7AD-7917-48EE-AC2C-59DD92D48E33?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame ECFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARivxq6oBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEE8phzZYIhHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJDI4OGEwYTdiLWJhZWMtNDU3YS1iM2E4LWY2ZjNhZmQ3OTc4NA**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=4f298736-5822-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=288a0a7b-baec-457a-b3a8-f6f3afd79784
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=288a0a7b-baec-457a-b3a8-f6f3afd79784&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame ECFA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&gdpr=0&gdpr_consent=
42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame ECFA
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6231fa2ad74c1820&is_secure=true&networkId=17100&version=1&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIVRMx2uWJxwNEv3n8AAAAAAA&expiration=1695347887&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&...
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIVRMx2uWJxwNEv3n8AAAAAAA&expiration=1695347887&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIVRMx2uWJxwNEv3n8AAAAAAA&expiration=1695347887&nuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
khaos.json
token.rubiconproject.com/ Frame EE16 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usync.js
eus.rubiconproject.com/ Frame C5DC 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35659
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
usync.js
eus.rubiconproject.com/ Frame CA10 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35659
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fextra.globo.com%2F&domain=extra.globo.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
189435
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fextra.globo.com%2F&domain=extra.globo.com&cw=1&pbt=1&lsw=1
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
206897
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0D6C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
69734
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:07 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 385014
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230020-FRA
X-Timer
S1695261487.054466,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 3505 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_extra.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:07 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b7f168b6-e95d-4fca-a990-005fd87c2da7&gdpr=0&gdpr_consent=
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b7f168b6-e95d-4fca-a990-005fd87c2da7&gdpr=0&gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Thu, 21 Sep 2023 01:58:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=b7f168b6-e95d-4fca-a990-005fd87c2da7&gdpr=0&gdpr_consent=
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=OTA2NTM5OTY3NDM4NDQ0MDQ2&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKpZPx616xU6wbafGddqmXA&gdpr=0&gdpr_consent=&google_cver=1
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKpZPx616xU6wbafGddqmXA&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEKpZPx616xU6wbafGddqmXA&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/universal/ 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.250.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-250-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
416092
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1695261487.211394,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
71857
sync
am-match.taboola.com/ Frame 6A00 		422 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
64846d5b397ac811fdbedc8b0d633b5a573cf0bb73c94135de0909dbf8005aee

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 21 Sep 2023 01:58:07 GMT
machineid
3402
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame ADAD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHb3NFN0tGMFlBQUJuS215b1pqdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAGosE7KF0YAABnKmyoZjw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGosE7KF0YAABnKmyoZjw&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGosE7KF0YAABnKmyoZjw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=906539967438444046&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGosE7KF0YAABnKmyoZjw&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGosE7KF0YAABnKmyoZjw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 01:58:07 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGosE7KF0YAABnKmyoZjw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 7A96
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 21 Sep 2023 01:58:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AF14 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230116-FRA
x-timer
S1695261487.253948,VS0,VE93
Pug
image2.pubmatic.com/AdServer/ Frame 16BE
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd1964431d80457ca9ca37e876c7cc5e
42 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd1964431d80457ca9ca37e876c7cc5e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdd1964431d80457ca9ca37e876c7cc5e
pragma
no-cache
server
Tengine
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 70BB 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDB499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RRR52RVWY0DKQM4XJ76H
Pug
simage2.pubmatic.com/AdServer/ Frame 442D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3738334591507536300&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3738334591507536300&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3738334591507536300&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 442D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6ae53944-2414-41d7-b3ff-cb5dff7b15ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6ae53944-2414-41d7-b3ff-cb5dff7b15ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:6ae53944-2414-41d7-b3ff-cb5dff7b15ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 21 Sep 2023 01:58:07 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
t
t.lkqd.net/ Frame FC37 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame FC37 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 3505 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35659
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://extra.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 21 Sep 2023 01:58:07 GMT
via
1.1 a6e32bd914015b20776b115cfb4ba692.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MRS52-C1
age
2503747
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230092-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1695261488.522799,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
IIclY0Hd02bh9imcq0tMJSCTDo5LewOaeFyq25cNLCQUuYWH0yvLeA==
x-cache-hits
1165240
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/ 		450 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fd67efe8aac70390a024a95f8fe3355d692a22c846e65d55e82a8aa4014843f0

Request headers

Referer
https://extra.globo.com/
Origin
https://extra.globo.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1695027665
date
Thu, 21 Sep 2023 01:58:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
K90CW6V8MDXBJH5R
age
233750
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1695027679
x-amz-meta-mode
33188
content-length
86683
x-amz-id-2
XBlxzfmyn0SbkMn+4/zjrd3ul6mQ4EYvt1eREPY02Aec4mLWrEzhWUVYdOG1T5hQFVRZ9WFBwkc=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Mon, 18 Sep 2023 09:01:20 GMT
server
AmazonS3-br
x-timer
S1695261488.526091,VS0,VE0
etag
"05df47b8e9f435ec4a08485c8e397651"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
206147
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&cmcv=&pix=31579697&cb=1695261487522&uv=3341&tms=1695261487522&su=3&abt=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vG!ul3342_vB&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
content-length
0
server
nginx
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-WE4K4RF1F3&v=3&t=t&pid=1933361450&cv=1&rv=39i0&tc=11&es=1&e=gtm.historyChange-v2&eid=13&u=AgAAAAAIAAAAACA&ut=AACA&h=Ag&z=0
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
mbox
vidanalytics.taboola.com/putes/ 		2 B
201 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Thu, 21 Sep 2023 01:58:07 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00102
server
nginx
x-timer
S1695261488.559742,VS0,VE63
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230092-FRA
generic
match.adsrvr.org/track/cmf/ Frame 6A00 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 6A00
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
34963

Redirect headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-CE4s.jJE2oQ6UaGkEDqHQmZNGufVrkS.jQoYgQ--~A
content-length
0
sync
x.bidswitch.net/ Frame 6A00 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.60.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-60-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 1C9A 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
an-x-request-uuid
9f158021-f8d2-419e-ab13-0ea5d95e57a3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
r62eglto.js
ad4m.at/ Frame 2B67 		25 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
120455
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpzchwa6xUORDNNrQa4jjb71rydLrBiqOKQ5oZR%2BQvAb2B%2BtTEipkZmsrQ0h3dbOHgp0Y3x5LitOWf%2F3rnwXajtHhGD0ZXZgTZRTuXjN1QqsM2zH0Q0pM%2BO4CaMVxhhteeCvSEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
809eb3896ecc915c-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 19 Sep 2023 16:30:22 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8402 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be144ad1e07e4eeb26247be4a08da3dbb3559a99ecef0dffc35bd4a359622c8c

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
809eb3895f6f24c0-ZRH
content-encoding
br
content-type
text/html
date
Thu, 21 Sep 2023 01:58:07 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J64kICKFQrnvndJzTJ9FsXgbAVNrs7RKra6TYIXtPJFhdhgi%2BOp%2FfzsmpakX0%2BSzlBq0enuoFmC0YexqCIGYNsSHsGuaZcw1aZrNMxwWeFTq2626XBJKAesAi6IWTarrv0Am9NrK5j9rdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?oz_pl=1&ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&psv=2.104.0&_x=1
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/974276/analytics.js?ac=4443522&ap=&bt=programmatic&cb=306033568693174406&cr=26031911&de=2&di=extra.globo.com&dm=728x90&gt=CH&md=1&pc=37681&pi=26031911&pp=187924&pv=69d02f4a-d031-4176-9856-493aafac93e4&si=295013&sr=indexexchange.com&ti=1&to=3&ui=ZQujKutf4JN9V-XEBbC8xQAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.indexww.com/2/2.104.0/ Frame 2B67 		154 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/main.js
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/974276/analytics.js?ac=4443522&ap=&bt=programmatic&cb=306033568693174406&cr=26031911&de=2&di=extra.globo.com&dm=728x90&gt=CH&md=1&pc=37681&pi=26031911&pp=187924&pv=69d02f4a-d031-4176-9856-493aafac93e4&si=295013&sr=indexexchange.com&ti=1&to=3&ui=ZQujKutf4JN9V-XEBbC8xQAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
867e6ff391fe3ba1c1a593e9be5b7f128c516b625bc42c8be70f7d8ed19ec9ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
49728
Expires
Sat, 29 May 2055 05:08:40 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8F6B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
22278
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 19:46:49 GMT
etag
48472445140208031
expires
Thu, 21 Sep 2023 19:46:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2B67 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58105
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1695209545430561"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 01:58:07 GMT
truncated
/ Frame 2B67 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
916710f78a45e4c54fd20bab7d11cde8bd8426d4e02bda60991a7838f13d3967

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
events
api.permutive.com/v2.0/batch/ 		201 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b5fee5a4d105dadfaf7053450596146e3431cc77453498401c729a7279e440f6

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
khaos.json
token.rubiconproject.com/ Frame C5DC 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
khaos.json
token.rubiconproject.com/ Frame CA10 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
async_usersync
ib.adnxs.com/ Frame 0D6C 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
an-x-request-uuid
1ad6a9a0-db18-4a05-9fa0-4c9fdc0ca15c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8402
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7078119663561859382
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7078119663561859382
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1rvdpyKiX80d17lQ5j6V757YCWGuZbwa4tHfmIUlYvXjLt6iujPFuZ7vfSiW8eQ3hsoG2JD9VPtm8%2BuOw7KAY%2FXtAwJqsG7urx5j5dppjnfNa1o1Z2vQ6gQjS1Hw4rZ1Ox4ydrxXq8nTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb38a886f24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
an-x-request-uuid
cab285a4-f273-4d97-acea-fdf410273797
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7078119663561859382
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8402 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8402
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H2
Server
2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame 8402 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1695261487312082-387
Expires
Thu, 21 Sep 2023 01:58:07 GMT
crum
dsum-sec.casalemedia.com/ Frame 8402
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=906539967438444046&gdpr=0&gdpr_consent=
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=906539967438444046&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWQdDRmg3Tf%2B2aCkdtoPKGA26ok3KTpOJ4HQqJQYJmOx61P2FUWtXig%2FiPe7joh2TA5o8%2BcxkrPjL17IECM6QHwr8%2BaJ5NB30emrLjDEVWG85KSJGdDWyYz8eysjcyBLm%2BWXg0ZkimHAiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb38aa88e24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=906539967438444046&gdpr=0&gdpr_consent=
date
Thu, 21 Sep 2023 01:58:07 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 8402
Redirect Chain
  • https://rtb.adentifi.com/CookieIndex
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSedt8tk3NQBlRzmCF8TEfJrN77n2s%2FOJH5O0Mpf33c9792iOH7GKvbnmZk4yeuj%2FZSQEwEymQOz%2FyGYcRMJ1b4Y5OE0tkoXjxRGIVTMYwIrPXYiZgyeTUuhZNvROHSWM49lldNbPLeN6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb38c6a5924c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
date
Thu, 21 Sep 2023 01:58:07 GMT
content-type
text/plain
rum
dsum.casalemedia.com/ Frame 8402
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=6e18aba38f611774&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH9u2VzactSQNkqIfVAAAAAAA&expiration=1695347887&is_secure=true
43 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH9u2VzactSQNkqIfVAAAAAAA&expiration=1695347887&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ax89xqqCBXms83vPbJPz%2B9Plo3hlP02wBWrXAm4gFjZFFq6V6kSKZWqTwIRwm5QtloH5Fglm76oee2qkpt52hTmDGq9wWaV3ktdE9IJUHrGdU%2Bw%2Brj%2F85HgvffiFXmTkmeCJzF%2Fx"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb38c7d1523c7-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAH9u2VzactSQNkqIfVAAAAAAA&expiration=1695347887&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 8402
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2EFA5667346448F8AB63B285A5ABB642
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2EFA5667346448F8AB63B285A5ABB642
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIOlej9E%2BkdlsTP2hyV65y6g2%2BCCb8vuRKxL9ZzeNJBLzw7BXOps59FpSkHKsd9IhnmrCUTPwo9gJQswiIUc2Xv5lQupDMygqumOFwY%2F9roRXXvo3Z6PSsGlrjhhcQPSn5e7s9AU5430dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
809eb38aa88b24c0-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2EFA5667346448F8AB63B285A5ABB642
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 20 Sep 2023 01:58:07 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 8402 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?ZQujKutf4JN9V_XEBbC8xQAAFEcAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=187924&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
568
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
809eb38b1f340208-ZRH
content-length
43
expires
Thu, 21 Sep 2023 05:58:07 GMT
usersync
usersync.gumgum.com/ Frame C5DC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LMSIWYU5-1Y-417D
  • https://usersync.gumgum.com/usersync?b=mag&i=LMSIWYU5-1Y-417D
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:07 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LMSIWYU5-1Y-417D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
73198396
unified.adsafeprotected.com/v2/1591799/ 		97 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1591799/73198396?omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&xsId=[PLEASE_IMPLEMENT_UNIQUE_ADSERVER_IMPRESSION_ID_HERE]&ias_xappb=[ctv_appid]&originalVast=https://s.seedtag.com/a/ad?adtagId=64d373f816b99e000712f5c0&vast=true&pt=5032-5905-01&extCreaId=458143460&extCampId=0&extAdvId=6799936&extPubId=1474376&gdpr=0&gdprConsent=&cb=50303122&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKZAfCBmQAAAAMAxBkFAQitxq6oBhCdz9nt_9-R43cYtsK_gtKKop1iIKyOxgcoqR8w7Gw4AkDk7braAUi8429QAFoDVVNEYgNCUkxoAXABeM-CVoABw_YFiAEBkAEDmAEFoAECqQHXfg1Ij-40QLEBd-h1qulJM0C5AQAAAAApXAtAwQF36AkUQMkBLnjRV5DuNEDYAZ9G4AEA%2Fs%3D47e3d2eb62ef7f2b03c80e62c85467d170d9a4b2%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%25213BcGFwjCh8EbEOTtutoBGLzjbyAAKAAxexSuR-F6hD86CUFNUzM6NjE0MUDFREm7fsFu2LbsP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAAAAAA..%2Fcca%3DMTM5MzIjQU1TMzo2MTQx%2Fbn%3D97091%2Fclickenc%3D&refUrlEnc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&isPreview=0
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.70.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-70-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1d36c56b88c137d416d950f63e7ef2ee1bcfc941abe4348f21e45022af68a49b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:07 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
ck5q6bt735gle0jnm9i0
Content-Length
30536
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 02C0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
536425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 20:57:42 GMT
expires
Fri, 13 Sep 2024 20:57:42 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 8F6B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC1PLCsG8DiKL-iH1J_9KN8&google_cver=1&google_push=AXcoOmRPY6uADbKwxcTFVEELtKA60ab4fVbwqczISnrknlDz7dYifVRDvx...
  • https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRPY6uADbKwxcTFVEELtKA60ab4fVbwqczISnrknlDz7dYifVRDvxpC70esL9ADELlXXbDpvYNDLQTH794cfFFmjqyzD5bk&google_hm=Eua89e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRPY6uADbKwxcTFVEELtKA60ab4fVbwqczISnrknlDz7dYifVRDvxpC70esL9ADELlXXbDpvYNDLQTH794cfFFmjqyzD5bk&google_hm=Eua89e61p5v_oIHviKU16A
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmRPY6uADbKwxcTFVEELtKA60ab4fVbwqczISnrknlDz7dYifVRDvxpC70esL9ADELlXXbDpvYNDLQTH794cfFFmjqyzD5bk&google_hm=Eua89e61p5v_oIHviKU16A
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F6B
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELYkTf7fk0xzoT-RGqQBqoA&google_cver=1&google_push=AXcoOmTNmIi3XLLSnt2sIHE5Ky5F0sp-XhFS66Xwz9XSI83tjcJNJty2iXYSWwu5z5WGX2YqJllRgB2Vv-XdiZN569MkdEPFjx5Qog
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2EFA5667346448F8AB63B285A5ABB642&google_push=AXcoOmTNmIi3XLLSnt2sIHE5Ky5F0sp-XhFS66Xwz9XSI83tjcJNJty2iXYSWwu5z5WGX2YqJllRgB2Vv-XdiZN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2EFA5667346448F8AB63B285A5ABB642&google_push=AXcoOmTNmIi3XLLSnt2sIHE5Ky5F0sp-XhFS66Xwz9XSI83tjcJNJty2iXYSWwu5z5WGX2YqJllRgB2Vv-XdiZN569MkdEPFjx5Qog
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2EFA5667346448F8AB63B285A5ABB642&google_push=AXcoOmTNmIi3XLLSnt2sIHE5Ky5F0sp-XhFS66Xwz9XSI83tjcJNJty2iXYSWwu5z5WGX2YqJllRgB2Vv-XdiZN569MkdEPFjx5Qog
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 20 Sep 2023 01:58:07 GMT
pixel
cm.g.doubleclick.net/ Frame 8F6B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRO59...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-MgmfV3nbHDK3mW0-1pgLpSx6mMW1WpZ4baKjdQ&google_push=AXcoOmRO59WK9Xx2PHRhtsh8Ezxbkn9jU4gjPcTEE9TQrVaqhbs_VenXvUl0uF6y2JSJnpyG6Hu5j592iKre...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-MgmfV3nbHDK3mW0-1pgLpSx6mMW1WpZ4baKjdQ&google_push=AXcoOmRO59WK9Xx2PHRhtsh8Ezxbkn9jU4gjPcTEE9TQrVaqhbs_VenXvUl0uF6y2JSJnpyG6Hu5j592iKreX1ZuSwaeQ7o9h6S-TA
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:06 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-MgmfV3nbHDK3mW0-1pgLpSx6mMW1WpZ4baKjdQ&google_push=AXcoOmRO59WK9Xx2PHRhtsh8Ezxbkn9jU4gjPcTEE9TQrVaqhbs_VenXvUl0uF6y2JSJnpyG6Hu5j592iKreX1ZuSwaeQ7o9h6S-TA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
558365
content-length
0
expires
Thu, 21 Sep 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8F6B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJlIDZKASW66F2WvRVL8Z84&google_cver=1&google_push=AXcoOmQ6kJdZyPmvMjSVddWsKG8cP5c3cxYmCVU0wUzVcE5rk8J8RIN4RDdd610OTVep3bw8E8om1VIC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NTU5MzA2MzQwMTIzNjAxMQ&google_push=AXcoOmQ6kJdZyPmvMjSVddWsKG8cP5c3cxYmCVU0wUzVcE5rk8J8RIN4RDdd610OTVep3bw8E8om1V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NTU5MzA2MzQwMTIzNjAxMQ&google_push=AXcoOmQ6kJdZyPmvMjSVddWsKG8cP5c3cxYmCVU0wUzVcE5rk8J8RIN4RDdd610OTVep3bw8E8om1VICdo4bfALi1MVN1S4zbwIwRg
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTk0NTU5MzA2MzQwMTIzNjAxMQ&google_push=AXcoOmQ6kJdZyPmvMjSVddWsKG8cP5c3cxYmCVU0wUzVcE5rk8J8RIN4RDdd610OTVep3bw8E8om1VICdo4bfALi1MVN1S4zbwIwRg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8F6B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIyPDDRtQ5E6jrxjYtwj9ys&google_cver=1&google_push=AXcoOmRkzCZ_NV65kfOaEU3Alm08CIo7YyTk-3Xr2qHETTLcWQsqbP_dKybHQtwkaTeAr3B6sUpspp...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRkzCZ_NV65kfOaEU3Alm08CIo7YyTk-3Xr2qHETTLcWQsqbP_dKybHQtwkaTeAr3B6sUpsppkc837ciQCJ937ag3BN_EAA3Q&google_hm=OTA2NTM5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRkzCZ_NV65kfOaEU3Alm08CIo7YyTk-3Xr2qHETTLcWQsqbP_dKybHQtwkaTeAr3B6sUpsppkc837ciQCJ937ag3BN_EAA3Q&google_hm=OTA2NTM5OTY3NDM4NDQ0MDQ2
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmRkzCZ_NV65kfOaEU3Alm08CIo7YyTk-3Xr2qHETTLcWQsqbP_dKybHQtwkaTeAr3B6sUpsppkc837ciQCJ937ag3BN_EAA3Q&google_hm=OTA2NTM5OTY3NDM4NDQ0MDQ2
date
Thu, 21 Sep 2023 01:58:07 GMT
content-length
0
/
onetag-sys.com/match/ Frame 8F6B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH5Q-vSvoFwCF8B6t2t9QTo&google_cver=1&google_push=AXcoOmTSwb8nnxpgl6NCAJxWQMC90vZZY9XtSDjaWQntTviPdFHCUYnb8tlBSph7GgKJdhXJWN_rnLNTmit...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTSwb8nnxpgl6NCAJxWQMC90vZZY9XtSDjaWQntTviPdFHCUYnb8tlBSph7GgKJdhXJWN_rnLNTmitEldPC_fPNeZ_rtJQcYw
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
sync-dmp.aura-dsp.com/match/ Frame 8F6B 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 8F6B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IWrLs6N6f0r2mcHEu_XmpXYp9N3TW4Sn2L4ljsxeHndcQ0RHqBhZmAapo-Bbz7WqnZ8quODWk
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
VideoBidRequestHandlerServlet
wf.taboola.com/ 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695261487780&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1555&pt=252959965&tz=120&viewable=true&ddast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=2058055&dpubid=375975&abtst=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vG!ul3342_vB&mPre=0.033&cirf=https%3A%2F%2Fextra.globo.com&en=1&subu=3&panid=df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ddc3ed5dce07fb794976918aa8c53ab5631a6a6b6a6e83d761b661c32e2c726a

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 21 Sep 2023 01:58:07 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1455
x-cache
MISS
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1695261488.791872,VS0,VE56
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ 		905 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce739af7dbc53bae7f0fe6&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261487788&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212313,1,1776686349,editoraglobo-extra,extra.globo.com&iiqpartner=755298539
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
336b30935b26f6c19c273f6f1b69ad419ff006e776c9c64af428772c015c1000

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:08 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261487.dop207.fr8.t,1695261487.cds288.fr8.shn,1695261487.dop207.fr8.t,1695261487.cds232.fr8.sc,1695261488.cds232.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
/
vast.aniview.com/api/adserver61/vast/ 		905 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261487790&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212313,1,1776686349,editoraglobo-extra,extra.globo.com&iiqpartner=755298539
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
119bd26642efebb26f23860b9eccf80e49377ef303f0d915f8b1aa4426d50133

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:08 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261487.dop221.fr8.t,1695261487.cds323.fr8.shn,1695261487.dop221.fr8.t,1695261487.cds249.fr8.sc,1695261488.cds249.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?oz_pl=1&ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&psv=2.104.0&_x=1
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/974276/analytics.js?ac=4443522&ap=&bt=programmatic&cb=306033568693174406&cr=26031911&de=2&di=extra.globo.com&dm=728x90&gt=CH&md=1&pc=37681&pi=26031911&pp=187924&pv=69d02f4a-d031-4176-9856-493aafac93e4&si=295013&sr=indexexchange.com&ti=1&to=3&ui=ZQujKutf4JN9V-XEBbC8xQAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
generate_204
tpc.googlesyndication.com/ Frame F8C4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ClR15A
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
vast.aniview.com/api/adserver61/vast/ 		905 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261488066&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212313,1,1776686379,editoraglobo-extra,extra.globo.com&iiqpartner=755298539
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
1b7ea7b4fd600119635bf8c44e2dc85306ff53b06b39ab7b7e6171d30d8d5864

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:08 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261488.dop263.fr8.shc,1695261488.dop263.fr8.t,1695261488.cds106.fr8.sc,1695261488.cds106.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&sid=AkJekfYMEPKRY4dv&oz_sc=c1e9db5944cf3d08e0843a33&oz_df=1695261488108&oz_l=4575&cv=3
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.104.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:07 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
generate_204
tpc.googlesyndication.com/ Frame B1AA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QxRp0A
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ev
s.seedtag.com/e/ 		0
14 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
PugMaster
image6.pubmatic.com/AdServer/ Frame 232D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70357133&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
67c3e5f2e2e3be9ba3f8320e6e248491b6d53d92e24af289cb6217644cc9e7a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Sep 2023 01:58:07 GMT
content-length
1770
content-type
text/html; charset=UTF-8
vpaid.2023.05.19-19.29-6622210.js
static.adsafeprotected.com/ias/v1/ Frame D32B 		179 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/ias/v1/vpaid.2023.05.19-19.29-6622210.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f4d7a32cc21d2228b1ff6041790968c40115d5c5d5c27db419141c616fdbd7d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
G_qJVqyHzOrgoSJadTBnrnvfdpxWRNaC
content-encoding
gzip
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
date
Sun, 17 Sep 2023 09:53:23 GMT
x-amz-cf-pop
FRA2-C2
age
317177
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 22 May 2023 17:16:33 GMT
server
AmazonS3
etag
W/"1f3cf120e77d9506f53d71802e3b6c1c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
0ZV3Uh5x-xSKsX5gmt7Iy4junE69d_sX-Ani5VP9RYBmGZCB7bvOKA==
frame.html
ad4m.at/ Frame B32B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2559134
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
809eb38d8ffc9170-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:08 GMT
expires
Wed, 09 Aug 2023 01:00:19 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fttaxv%2FOXgYPA0PAJ6VC9Rd%2FkjFFUEjjoBt2ubBleTNaq63BaNtZtofAYbYZMT7M4Cx1o7Ji1Wyf5sfWHd6uaok%2FvHIKWazRG4ibPB%2BbfhUbJn8AYC9wTBd1dNhentvUkISFVi8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ad
v.lkqd.net/ Frame B7AB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=83632675&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
7814278f8b5b125aa0d5b7fa09fbd4bb5399e094f23ecdae65521d9601e8955c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1518
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
4b838e1f-a452-4508-989b-e798c5232c66
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/ Frame 2E53 		186 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/4b838e1f-a452-4508-989b-e798c5232c66
Requested by
Host: d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
URL: https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
186
Content-Type
application/javascript
U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js
pagead2.googlesyndication.com/bg/ Frame 02C0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/U2NgGuF9el-mJsFXQu4mM6YCW1zF1vGv2XWOCJKEcfc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 08:11:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
64000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14685
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Sep 2024 08:11:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B5EE 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81386129&p=156538&s=156538&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 21 Sep 2023 01:58:07 GMT
content-length
47
content-type
text/html; charset=UTF-8
cm
ipac.ctnsnet.com/int/ Frame 23A9 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame D69C
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2847261290142645612
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2847261290142645612
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2847261290142645612
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 3A97
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210827160926938
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210827160926938
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 21 Sep 2023 01:58:08 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210827160926938
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame FB2D 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:08 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-3e19e98bfc48@version_1.571v2
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame E63A
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
42 B
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B499B7AD-7917-48EE-AC2C-59DD92D48E33&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame 4AB1 		43 B
661 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
809eb38e99142397-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:08 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
image2.pubmatic.com/AdServer/ Frame 6089
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9d5vj50j2vr6
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9d5vj50j2vr6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Thu, 21 Sep 2023 01:58:08 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=9d5vj50j2vr6
lws
224
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 2A2B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26red...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=686e9f91dffaf4c2e5263c4958081b60&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjSbWUhTaMYhaSSMS&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjSbWUhTaMYhaSSMS&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=F1rNcAsvjSbWUhTaMYhaSSMS&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame CE90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 21 Sep 2023 01:58:08 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame E1BB
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EFA5667346448F8AB63B285A5ABB642&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EFA5667346448F8AB63B285A5ABB642&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 21 Sep 2023 01:58:08 GMT
expires
Wed, 20 Sep 2023 01:58:08 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2EFA5667346448F8AB63B285A5ABB642&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 6797
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7796042916
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7796042916
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:08 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 21 Sep 2023 01:58:08 GMT
etag
RXc4479bd19d2e44e9b2c288384286ff10003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7796042916
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
pubmatic
s.seedtag.com/cs/cookiesync/ Frame ED02 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Sep 2023 01:58:08 GMT
server
openresty
via
1.1 google
AVmanager.js
player.aniview.com/script/6.1/ Frame 1FBD 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:08 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 09BE 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2B67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGj12LKMLZf23OdntgAeN5IjQDJ6hoa5cofno_p8DwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTc5OTUxMDQwNzY3NzA5MzjIAQngAgCoAwHIAwKqBLADT9C-_OcUaEaGfCsKVkuoLiQ3rWMIhxXgnKtsd0lvhmP8YJLFCJG70Hk-CcFGZ52dHKkULVQ4-hvKd1oBK6wyWXLyxFAUDI6kemdo-TUPADrvUWju0Psg5fUoGX0WSv8xl591O7XFkMz0cUvTrTvx9gZLp7aN4b9BootExH3MtwVZwimvs6L-BQ4qzKUbVonWLs2GOiCQNPJBEb9azsQztWsz7vzv0P_UtqD-vtpCgbhqPNUTh0yG58PudWoTwq2MSpxrc6qaZ7L6ZOXfbReyxUSTgZpY5EOjg_RNnOOL8hikfoGHs0rxBSQH86-c6IImE-CwT6nOhebMaA_gnn1zqGI5OdVt13u-7E--H6pjC9lEXTI-aWm8fJ_CUuTwxorgdlQqevklSypQqs67KlhYj705fwsAuWjWu2750k_OKbot5oCByjd8bnqxUxffKNvjldPKWwJdbWyeB7tY1yezsP2ECBplwR8XgssnCZxKtrBQlVFcatTtq2gTdZA7MbCcpQ8n-jKWAm6fFd-_mmY-jCUK8VgsOhFGHYXHJN2HPf5uKbYaTlJHqY5GvXFM2Mnf4AQBgAb085OD8ZGs6IYBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tNzAwODYwNjIwMTI4MDAyNIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03OTk1MTA0MDc2NzcwOTM4GMysIw&sigh=UPQm4Vq3Iu4&uach_m=[UACH]&cid=CAQSPABpAlJWoXDf1fkpWWe5Mjfq9RgpoqgJIEjHK4Drr9Gtcz1t8dMCtyBlVdkskVgwmxTDeVQv4odChP3DZRgB&cbvp=2&vis=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
vpaid.js
ad.lkqd.net/vpaid/ Frame 4177 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1695261488.cds215.fr8.hn,1695261488.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&sid=AkJekfYMEPKRY4dv&oz_sc=c1e9db5944cf3d08e0843a33&oz_df=1695261488473&oz_l=5941&cv=3
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.104.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
creatives@4.30.47.js
config.seedtag.com/libs/@seedtag-ads/ Frame D32B 		375 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/libs/@seedtag-ads/creatives@4.30.47.js
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2023.05.19-19.29-6622210.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2299662e6f10bda15dc45544d32ea01503b4c2bc1e5424c575a74691c2ad1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
br
cf-cache-status
HIT
age
1871
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:22:46 GMT
server
cloudflare
etag
W/"090f20f0fb838f6ebd20b824393c772c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31534129
access-control-allow-credentials
true
cf-ray
809eb3902ebd24c0-ZRH
expires
Fri, 20 Sep 2024 01:26:57 GMT
skeleton.js
pixel.adsafeprotected.com/fwjsvid/st/1591799/73198396/ Frame D32B 		249 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/fwjsvid/st/1591799/73198396/skeleton.js?videoId=5ad6c8953c7ca2b165dd77fee7a6e03f&apiframeworks=[APIFRAMEWORKS]&bundleId=[BUNDLEID]&ias_xappb=[ctv_appid]&xmapp=0&xmtp=v&xsId=ebc9ea28-1108-44be-b8f6-718d1d19f46d&adsafe_par=&logTestResults=false
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2023.05.19-19.29-6622210.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.147.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-147-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a0c97ac0ee7c08bfc9d1f338e3b6dd0fe530e0b93fe0efee7c439abe91d31334

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame A99D 		0
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:56:49 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5
af27b7b3-0e53-4180-b1c3-e3cd974f1ea6
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/ Frame 2B67 		817 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/af27b7b3-0e53-4180-b1c3-e3cd974f1ea6
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce1fbfa5046f54fb3cafdf7b6cbe0bb4cffd07d87a5545d779d35587ab11e75e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
817
Content-Type
async_usersync
ib.adnxs.com/ Frame 0D6C 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:08 GMT
an-x-request-uuid
73530e17-72f0-4f68-ae9c-9a4eddf966b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/ Frame F97A 		0
482 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/a8c1b6a2754b510b088f624c91944bf3/?pmUserId=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&s=156538&gdpr=0&gdprConsent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3FpmUserId%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 21 Sep 2023 01:56:49 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/8.2.5
usync.html
ad.lkqd.net/cookie-sync/ Frame 6F15 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:08 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261488.cds215.fr8.hn,1695261488.cds226.fr8.c
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=83632675&m=&rtv=1&thost=extra.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 21 Sep 2023 01:58:08 GMT
server
nginx
ad
v.lkqd.net/ Frame 4177 		78 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=83632675&m=&rtv=1&thost=extra.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
bbd3c8882613a9938008c2d6ca4ce43ee87dfa1edeb513d77c3244ee04a3ed58

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5257
AVmanager.js
player.aniview.com/script/6.1/ Frame 92DE 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:08 GMT
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&sid=AkJekfYMEPKRY4dv&oz_sc=c1e9db5944cf3d08e0843a33&oz_df=1695261488802&oz_l=9088&cv=3
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.104.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
creatives@4.30.47.js
config.seedtag.com/libs/@seedtag-ads/ Frame A754 		375 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/libs/@seedtag-ads/creatives@4.30.47.js
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2023.05.19-19.29-6622210.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff2299662e6f10bda15dc45544d32ea01503b4c2bc1e5424c575a74691c2ad1e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:08 GMT
content-encoding
br
cf-cache-status
HIT
age
1871
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:22:46 GMT
server
cloudflare
etag
W/"090f20f0fb838f6ebd20b824393c772c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31534129
access-control-allow-credentials
true
cf-ray
809eb3912af001df-ZRH
expires
Fri, 20 Sep 2024 01:26:57 GMT
truncated
/ Frame 09BE 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fextra.globo.com&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212313%2C1%2C1776686349%2Ceditoraglobo-extra%2Cextra.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=extra.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62ce741fc6e4546c8d7def07/extra.globo.com&d36=6.2.128&responsive=1&sver=4&avtoken=488855&omv=1.0.1&clsid=5e884782-15e9-46b9-8657-0b4d8c9ac8a2&rando=62&AV_WIDTH=700&AV_HEIGHT=393&AV_DNT=0&cb=1695261488859&wfc=1
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.125.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-125-213.compute-1.amazonaws.com
Software
/
Resource Hash
3ffae00fba82ef7432036e3b4e058f5ee505cc371a93acddfbc981d2e45258d1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://extra.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 09 Sep 2023 12:11:29 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=5e884782-15e9-46b9-8657-0b4d8c9ac8a2&rando=62&pid=621cca388ba47d78a102e506&cid=62ce741fc6e4546c8d7def07&stagid=&stplid=&e=inventory&vi=0&cb=1695261488857
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 1FBD 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/ 		23 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fextra.globo.com&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212313%2C1%2C1776686349%2Ceditoraglobo-extra%2Cextra.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce739af7dbc53bae7f0fe6&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=extra.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62ce739af7dbc53bae7f0fe6/extra.globo.com&d36=6.2.128&responsive=1&sver=4&avtoken=488884&omv=1.0.1&clsid=7ed8f686-56fc-4fae-bb35-d1625ed966bd&rando=24&AV_WIDTH=700&AV_HEIGHT=393&AV_DNT=0&cb=1695261488885&wfc=1
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.125.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-125-213.compute-1.amazonaws.com
Software
/
Resource Hash
32a70dcadbcc1526f854440aa8a93049acdbdfcf114fc4cdabc7c146ca10664b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://extra.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 09 Sep 2023 12:11:29 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=7ed8f686-56fc-4fae-bb35-d1625ed966bd&rando=24&pid=621cca388ba47d78a102e506&cid=62ce739af7dbc53bae7f0fe6&stagid=&stplid=&e=inventory&vi=0&cb=1695261488885
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rs
ad4m.at/ Frame 2B67 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04093939f530cec2013c63c11d5645a26c2d62a6a81a30d3f46c2cedc9ff177c

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L05jJ6ERTpK0X%2BYNgZtO3O1KcXysMoPrst5d2Ii9GF51fpxJnMsj8K5qv%2B1aTLJlGefm%2BH1jj449o8uKyWCprcIyLqNGqR9iE0LKuy5e%2F5v%2FfAbz7kVKKKQu5XhH2q5eGZEMG3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
809eb39259f9914a-FRA
x-backend-server
aa-reachservice-group-europe-west1-7s0n
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809eb39209dc914a-FRA
content-length
24
content-type
text/plain
date
Thu, 21 Sep 2023 01:58:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCvhKEDf6XVn79x6ha5dwGWsIokJCz9RYOx3zCJYrypxdLloNhrmQcV14ajq%2BQRxS98n4u1hSpmbZbOB0bEnFCzreD1Kib9IYmo1sfJIlUScLPzqt3K3YcFWDKhJobApmv%2Be%2BJ0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-7s0n
truncated
/ Frame 92DE 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=10dae1e2-df4d-45e1-930e-66e773a37af5&rando=31&pid=621cca388ba47d78a102e506&cid=62ce741fc6e4546c8d7def07&stagid=&stplid=&e=inventory&vi=0&cb=1695261488975
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx
t
t.lkqd.net/ Frame 6618 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
sca.17.6.2.js
static.adsafeprotected.com/ Frame 8D8F 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
9002301
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
iOZAgoqUehqH56nnyj0ZsTZpfVrAGKBpkonK8VE-E5-G-C_UWNDQWA==
sodar
pagead2.googlesyndication.com/pagead/ Frame 139E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=2466964896509682&bg=!cHOlczzNAAbP3fMH7907ADQBe5WfOHw__P2kIhBKLQYF4bmEU35ncrrdMD_v_15GMHnnHY3PUpq15fvColRoyD6vNVNMAgAAAyxSAAAACWgBBwoAvBFTU14-Acqq1aq5R7igLO925D3gKKAj-BEdZhvTXaIB4MmyqYcM6OZk6pkoOmwFGC7EOlpaJ6pYJVrBQaRmd_fRZwZC3pbOQzzRjUgTo8ZUKgOOR2Glfcwjg7rCPG9kKLjNYCGddEYFiqMnZkWZPE5_znhhzAWM12199Lp6bx8uEXNGSe5b7uKCD7gPyx15X-JWihh1cybGYnPumH8DrUdnN-sVaSF_egJTv0lWCg4_Q6py9_q34zkfgQdYmQLK6gXMCyLpB8xYI5FzhDzP6moJ66yYpUfo7NQFj7JWW4DBZzX4cOlg0S6u8uzhOcHugR_wlLpARjNL5ng5JQjt34qTmByDqxbgFEliD-N_62oyJf3bakEtW_ERIDcT7zEpxA1ayYtzQBzyXIfWzK4V_Khwy39dQ7XwFIjquPTQHkEcC8CSa-VHEyn2nkrRe9-aaasbjDoRxYPmRqNiORR2NSEIwYF34VRPlGJNdigfz0f63Gq9J4-mDf_EaFBodQnk1oj8sg2OpZwzy6U3G1CExeVhoaMU_v6wP5MJy6Q4mDdvfZlYkYAwzcwzSTzhgvwxfoRoJX_KQfHHDjgSG14r7Qk6lYNpCH4OQ74V4THrSw1NgVWeGgQdTrn0SanXfI5D8Q1KCwZOYVJ1ItuO9USiVhxxyl6-0ihwhtwxepXdM1Xl5Seh-q3p9cG45PxbZDVtG7hgvWTcB33m-Vz43g4lTHvbprwRDHek-D8bpvTOmnn8lh0aM_Q2LV2Jvr9B1ZWjqZEwDrcoO1hHjQOfU-8xr35nmk0toIjGYmd2nZdpqo7ZB2EPCB_itZbiCtnnGT8eHHSJNLZe6qQeBdyNe7skmPbrXwmFcLrQNR-rJGGiVKpV_aJPsOFjuiuE1jhL9FNnZaNvYOljHITrD6tu_P_AXIM_msiQIidK035vzxl0nk-zxZfauykSiax4MzVMZP-LwQ0T1d-qjAqpIPZViz3UsUA-lmwChEDEi3KdmjYKSLuTUzz8FL9KHbJcto3XmAUoJ7xgRHL4rbogvy9g_Dwa1IzRw0OM9C60s4PvWs0Fn_DaKQOyjOa8YSalBRb_mHiip_nw5QIgPWDxCH6i16LKiyS-tb3-76hUES95-BVicPzF6ngS87YYN3r--BYGqHoYz2zMe8fnY0k6BQeRTZZH4xExceuoaAz-lKkUMcTH7g_v5k9Qo6sjfYcU
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 8867 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309140101&jk=1323211802029662&bg=!8fKl8r3NAAbP3fMH7907ADQBe5WfOKRB2Z1ODmWwSW8BGbK2Ks0ig33CeYeWiXdnYQMQSnllbca08Sp8Sr6s0Z_80Fy1AgAAA1xSAAAAB2gBB5kC3Lqoc0P9WkMQ17HOgDvC-iQmTguckB9Gy7OgQlw0BwaAJjajhceNujLtZ_Q4Jj8ugkR8xHKZ42tcnmLlhgar7EBmsQLMhwYi6OjOeLiJethq1XEQF0hyPRF_QrF33SK4CkFBWiEiMVGQTAN4gOiufgOaDVmGB1hQr9gRGYfy5Bf2z_C-zufmvzCNQJqVwrPAcn3jTM36ivIPENIgcgZpPqjlyNWo35smgOctY_7jVxnkFrPwPJaooHU4OwvJNRNbGypZQHAS0yn_GROBnSVSu8jYUD2RtVjyXukGAMxDAminESdfemO7_JY3sHnNrrUPfu0t9OY4a6BJn2OiQ6jt2IMpjszSIwqXUbcPQiq8ynXFovjFHUNU0IBNNdRkR-DihW3O046xbGj-ydhIc1PEfDMcsL0i3nMGr6L7NiB-M9IOUFTWed2lRCcRYW8kGVCpSUB2Ko-dOs_clBJ09gZIiP9_6zp7DtE5gMKX8Wq6Ym9I7SoJCgzkRRO_kQJobn2mF8yyZmJtsHEnFhGFy5DiLJFFZZ2k2XwbbnZoRufwxu5kwo13PQ0Jc0MJrhYk92DFXhVvkCUW3WvuB8nPUEPTN_7Fw6R_psFaI-RDgMn7X09EZlaBy_3BS2-zIJA775r48m_WfYlTu8f6r2bz-rMdNMRWjQgM7SekGHj8nJ1FuHG2D7xrFZgjpUpWI8zdz2_G34jJme87deKf3fYygYx4R7VMndCuxIiQogRcXoAfWjTlGHBELP47F6VbylNE5TMBye9EzXSoHqcDEH2r2wyvDn1rG9Q5CMm7-21Gr8ZLjG0j7KBMLg_GMQIaYlZelLv9NIxTfs8LyZPgEjMpIeMep7VXj-cvhmPOrE23RE0CBngJYy4WEnjfCbjU95ETs_2TLLCy2hDC_DHx_3n9czDB5yNVNT0R4hjhqIZegvG-tPySAQ-m4L9GSCikUHVeey5YIFicb0_JTCjJy_vQ5w
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
SPug
simage4.pubmatic.com/AdServer/ Frame ECFA 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
rar
as.ad4m.at/ad/ Frame 9E5D 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2138f37e8a353aad233783e6b20c62ebccd607a993e09f4f19b59138b497b3e1
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
809eb3941b1d915c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:09 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
track
s.seedtag.com/at/ Frame A754 		35 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/at/track?d=SMX1uk6718PiSAljMdIomZiAZBM4Gn_Ee9EdUjX0IsPs3ntYOD2yngSKietv-OU0kQCwlSh02Nvop4PxldQLrmPdf7hKxWljlq0Jv-qKnex7vuEZqEbNLiftoXz26tT6DpOeWYOsNk9_-yse5DxtuFgtzGZA6_iMqY4Ft6-IznfhHwbEjz3i1LZaex5_v9KK5GZvJY2uyi2avUEY8qGTPPKBk-Kc3cwFndDNXb3BIwI4VYrjRhtB9w_rsOteOvkJQqKs7sAfOHCXjsT8NKtGAhkKJX9FLbiGERdZrPwFSa7NywO3gtX8C8TN-CfF0NfzCmO8k8mBHcU0qXt6sNPjMtJ11npE19y21CBS8mgqEvoInhLv1ogr636hAEGP8Mpo_Ls6Z0CJwegk8hpx9pMcsQDlZN-ojsO2K8GyhXI8SXapHZcSa32s6FAlzyjesuEAqWpNlgyxqoUQ9EJD-yfR97MBO7fWxvygtDqRqohvdLu-APDISdKkqcWvBO3DCOUWkcTkNAJ5TA8G6X9ICMkrpqzqNpJVW11PMTPAjQC_UsDRW1HtsaI-Lhi1wIEF1RsoTnXhxJ4EiDjOHY_pfCLSjFH6alKg8lJ_K8eogPmtqeU&c=t&hasLibraries=%%has_libraries%%&adunitType=%%adunit_type%%&sourceType=%%source_type%%&inventoryType=%%inventory_type%%
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C20051536375037029481949107963,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
554145
tag
4cywq-eqnre.ads.tremorhub.com/ad/ Frame 6905
Redirect Chain
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-...
  • https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-...
119 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3995168035037029481949107963%2C%2C&_tur=T
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
2a05:d018:1914:d732:916f:481d:8a41:2291 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://extra.globo.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD

Redirect headers

location
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C3995168035037029481949107963%2C%2C&_tur=T
access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:09 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C21035110115037029481949107963%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
1180749
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C4287847675037029481949107963%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
35083
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=3&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C20270697415037029481949107963%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
40463
/
adx.adform.net/adx/ Frame 6905 		65 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://extra.globo.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ Frame 6905 		65 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://extra.globo.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C20712855215037029481949107963,,&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e0ec5772581107270bcc098547d0c15e93700e9bfde94ed9d124565c8f6cdd3b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:09 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
815
x-sticky-vk
1695261488632097-414
Expires
Thu, 21 Sep 2023 01:58:09 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		830 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C5037029481949107963920796807%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c75b004f13b3e2306b69cfade153d04a09799d9b2eea288a306bfeccdec2fac6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:09 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
830
x-sticky-vk
1695261488857077-431
Expires
Thu, 21 Sep 2023 01:58:09 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C50370294819491079631591342604,,&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
89bbc56b157ce4ac1c30a25adbb81cd6b55fcbfafde080011a056edf6b7c3f72

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:09 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1695261488834075-425
Expires
Thu, 21 Sep 2023 01:58:09 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1591799&asId=982d781e-d550-a047-62dd-bc498b8462fe&tv=%7Bc:oOx564,pingTime:-2,time:185,type:a,im:%7BpBlk:78,sf:0,pLoad:128,pom:1,prf:%7BbeA:782,beZ:784,mfA:786,cmA:787,inA:788,inZ:794,prA:794,prZ:825,si:835,poA:835,bl:860,poZ:860,cmZ:860,mfZ:860,loA:906,loZ:909,ltA:966,ltZ:966%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:888.594,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:49,vs:o,r:l.v,w:888,h:594,t:48%7D%5D,vv:3.8.8,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:185,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:356.906.888.594,am:v,cc:356.906.888.594,piv:49,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B177~30%5D,as:%5B177~888.594%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:tQs8rvZ+11%7C12%7C1311%7C1312%7C13131%7C13132%7C13133%7C13134%7C13135%7C13136%7C13137%7C1314%7C1315%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1921%7C1931%7C1932%7C1a1%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1e%7C1f1%7C1f2%7C1f31%7C1f32%7C1f33%7C1f34%7C1f35%7C1f36%7C1f37%7C1f38%7C1f39%7C1f3a%7C1f3b%7C1f3c%7C1f41%7C1f421%7C1f422%7C1f5%7C1f6111%7C1f6112%7C1f6113%7C1f6114%7C1f6115%7C1f6116%7C1f6117%7C1f6118%7C1f612%7C1f613%7C1f62%7C1f63%7C1f64%7C1f65%7C1f66%7C1f7%7C1f8%7C1f9%7C1g%7C1h%7C1i%7C1j1%7C1k1%7C1l%7C1m%7C1n%7C1o1*.1591799-73198396%7C1o11%7C1p%7C1q%7C1r,idMap:1o1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:env,siq:53,slid:%5Bseedtag_creative_528,standard_1,extra%5D,sinceFw:131,readyFired:true%7D&br=c
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:43fd:8cd4:5872:a15c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&sid=AkJekfYMEPKRY4dv&oz_sc=c1e9db5944cf3d08e0843a33&oz_df=1695261489192&oz_l=356&cv=3
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.104.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:08 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
track
s.seedtag.com/at/ Frame D32B 		35 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/at/track?d=SMX1uk6718PiSAljMdIomZiAZBM4Gn_Ee9EdUjX0IsPs3ntYOD2yngSKietv-OU0WxYXG6GzZugJM7FMSGJx8wQ55C1t4U5Pv9zMA7BUzC6oodHZFWTjjf--TDWL6nSFsg8TQzqAksXSZMKDFDv5ymuolKK2IWeE-BFF1elqrEjAJgKWv9DsSRbummgpVahh73STe44cGBCdPJpDOyLojSUKYgWOIBGN5WgmyttN9s0Ei5cD7gpeUhs8gR6DjmmZPaEhenO4Z1AsxnnLWlTZEsvrAPVrpapQplfbXyHC3x-CooZasNbI48oEYQiNBFGpUVPWXs7zaPWJRIBiAdamwjW_zjsp1rjb0ZscNxNSH-jNcgk0BPQ2NubmsEzdicOALWfREBZLB-Sgy-sg-1wrW9c47rW3gAOZa9_DIBl8MQzwLJX8JIYLqnzdyE_8WFkttPGr9zC6L3Iac6oT-i9I_eQiyfdPEmF3ne7-vTMRf_eTV7NtbFK7neHQbEmrISGJq410hmM9s8ieQwDNTshld-cgRLBBCJzQdURmJkmBemDYXgwyinekjen6N114rCOIoYOU9R3VfpJXbE5_1TTNAhpCmr4SoUJYSCWZm_BZcOU&c=t&hasLibraries=false&adunitType=inImage&sourceType=Tag&inventoryType=internal
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
css2
fonts.googleapis.com/ Frame A754 		9 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;1,400;1,500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7828d1fa2b425d04b18e730ee7afb5407bf82e5732fbd896f38f8d653673adaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 01:58:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Sep 2023 01:58:09 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 442D 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 02C0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYTfuLqMLZb_KEKOejuwP5MCjyAsAAAAAOAHgBAI&bg=!ExClEF_NAAZQjyUVcI87ADQBe5WfOKIKdysy-0HbpPQvrIGhLd6_aj1SSDzs6tjNyzdzS8Iq_cTqkPgNbCJOX_aLlw13AgAAArJSAAAABmgBB5kDHzn4FjgGqW2JxkIrIyrMb9_fpqM_3zhHZSeojHMCcvpLmcHVPf60ZX8urggIiFQR98SMrY5jQ8Pl8OxfUGFgz6_iJ9d2HHB94nPzre6n6ZK-W-VNZdeMx_qwISX8OtHrgJgTMDbH0Fokwh_V7H6hbRVJvyi_UyxhRj-fy3Mz44M4Qpz7OEL7Eu7QPpMANRPjzFyKBqJcDjeNvk6d3SszpGLINE1yTkVB8tz9KI0IK_XOUdYVU7JQ1xU9t4GyzqvzSYpSXw8sbTCQ7T0fADY-pkt-T1EpMWa1d_J44_lFAOhTNTQcHY_9O-SJNMq5baqak9dgWiiqLfAT4hyT_VH_0Vx6wHKgGAMFZc6-Aqp5N33L8uh2mVriPT8Pvf83ngNV7qdZSu-df2ZZr8SowrPVx_s8-SrWELJwtIGOYzFuptVj_vHwpRRegFsczQwmp0-hCKgy8vm2njoosIaoQ7q1sLU_aXuHScX2pPPGQ1wXnVjb4gX_E6cs4f_DdD2oYmsYuOmpYbk9BGzRTXefXWZ826_IJ6EN5iKtPggWzjeOCF6M0DXb0z_Ng_La6Ogz6gX3XHzpCc-0agGIPaFz-nw3bQ1iNtXENj2Ft0oqMIBapVYyQVu1PSZzbJiPQpkzi26JMl3PCDiXIAbA-7AQ2EKF4M_OiQ1dYymt813qkAfcvEMmw4cbfbMM0qDW9Gs1HTPBcCov81CMxQCVqFkF6A7sUYKMiBG7GTC6WehKAFVnVekrZRU4DmF7LYlk0C-i9Vv6MdbVrjn-zOYBoYm5MSl92V0l8mAtui_ZU2cEY_wh3BzgfrhzCnRz8hZMra7WlWzpBR7hquf3UJ9sLjaO81LfyiWfvIAL1AD6kgrswMFODjGMG6jTl1IeAeIODF94myDcVBdEBlNey2AMao2bmQjK2rQhaKEJEhYcEjD5bLXuRb8dImJqYFGRlAnPK-fbnuCPQUYQOYvW0RI5l-h4WrsaMTGTVM9Jrivxfyc8fkjS5Xgt1YVq2J4laxMQCpR_CWO7mzrTF3IfKngzwRX-U972yMZzHfjg_aiST22UHL6OuyQ
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
minimize.svg
creatives.seedtag.com/assets/ Frame D32B 		278 B
417 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.seedtag.com/assets/minimize.svg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7edd51d898f1e25dcc18bef6ac975255e0cd0207ac9c095da0e62f6a0d01c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1623851893
age
188
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:22:43 GMT
server
cloudflare
etag
W/"c127ac2c656eb32d30869e4517b476c1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
809eb3946b6324c0-ZRH
expires
Thu, 21 Sep 2023 01:55:00 GMT
soundOff.svg
creatives.seedtag.com/assets/ Frame D32B 		551 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.seedtag.com/assets/soundOff.svg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99798d0fd2a85d5934a88779366fe4826d6b830ecd0b00c24d6b456961c49cd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1623851893
age
235
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:22:44 GMT
server
cloudflare
etag
W/"5214793385d32569fb98144157d5ef21"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
809eb3946b6224c0-ZRH
expires
Thu, 21 Sep 2023 01:54:13 GMT
default.css
as.ad4m.at/ad/style/0.1.49/one-ad/ Frame 9E5D 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.49/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1694166205
age
1094896
cf-polished
origSize=118430
x-guploader-uploadid
ADPycdvRNDSrLsq4rFUBrYyffZGk57AlA6TL7aGiXTaN2eXe7Da_6kEdpo2XHnuDhOFVbuKqZ3BrvbcSkuQiB84ETmeFsA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 08 Sep 2023 09:43:56 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
x-goog-generation
1694166236174866
content-type
text/css
x-goog-hash
crc32c=4fid0Q==, md5=SGUHzM6axYfRHA7z8yoQmg==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBtVl8FNZ3KtalOkpTNAduAZhVRDVJAARFj%2FDDhDcDXiMWdttZguP4GRAFbhKXbCk2TaFVcjKsO0SJfa6BWT4JRAPfPUgfSYi%2Fuk49JrqkYiYN60tsMye2inqfBaupq29qP4N9GEzY4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
118430
cf-ray
809eb3948b659170-FRA
expires
Thu, 21 Sep 2023 02:58:09 GMT
D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
assets.ad4m.at/logo/ Frame 9E5D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103379
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:11:46 GMT
server
cloudflare
etag
"405368a2037ee53412eae93c3ecf0526"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9aneXqflDdydLI4k5PuezpDlT42DcDCIP5QFSMFGabivPOLasNCZCG7%2Bp663L9xuVLdg95HOcm3fv%2BL78Al9LCZOMoMvoLJLXHIbvBSQQrH8ZzwKoTkGEEPVrxnqqTIQxz8dumN05XI8u9A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809eb3949bc5915c-FRA
expires
Fri, 22 Sep 2023 01:58:09 GMT
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 9E5D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2562270
cf-polished
origFmt=png, origSize=17719
alt-svc
h3=":443"; ma=86400
content-length
14118
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Oct 2019 13:02:31 GMT
server
cloudflare
etag
"27a67b486c4e661d3a1c0664a26b354c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPAJjdtpgvzM4yROuX73HK2MQHM21FEOcHHysmm%2F5WXpKULPaTItkp768QrZcisgBMCl86o2Qm%2BSP%2FukZ2iY2PW%2BG1y6kWwUeZrETLXGCavBvUWzoibfPKRzjGR%2BSELzWz2UGfv%2FpHvRuiq7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809eb394abd5915c-FRA
expires
Fri, 22 Sep 2023 01:58:09 GMT
ztpv.php
www.conrad.ch/ Frame 9E5D
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
0
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
809eb395fe3001e3-ZRH
content-length
0
expires
-1

Redirect headers

Date
Thu, 21 Sep 2023 01:58:09 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 9E5D 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2244714
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:08:34 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJBrFbPU6Cjhh6V%2BKymSzvac3k4cCNnrn%2FaY8cm4RceafnBlEx2QoIlMguewImQO7X8IHtgi7yq09Oq4p0XEB4dxPCntTTe1C%2FPtBzdbSh%2B%2B%2FQPular3DIjssZRSICNsnJyWrAZlzKVOJXdW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809eb394abd6915c-FRA
expires
Fri, 22 Sep 2023 01:58:09 GMT
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 9E5D 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2244717
cf-polished
origFmt=png, origSize=161182
alt-svc
h3=":443"; ma=86400
content-length
97668
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jul 2023 10:16:07 GMT
server
cloudflare
etag
"51d64cff249103fb8a1f53706965d58f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52KOwlq2OF9f%2BDhsz%2BD6onVUyS5SAckFU1Cp3dG9wk1RaID4vXHH%2FKVKAvSUmQhn2w2IBFRgP%2FXttGlpyH7cv4wKDCTS5tBaQhY13lc%2BW%2FG2HIL%2BxmluAsAWfuynYBZ7%2BFieHf1W4F%2BB9B3U"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809eb394abd7915c-FRA
expires
Fri, 22 Sep 2023 01:58:09 GMT
cshow.php
www.awin1.com/ Frame 9E5D 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:09 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame 9E5D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
802540
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
last-modified
Wed, 04 Jan 2023 14:53:11 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zp9EkIoTjmSZI4Vfom%2B%2FfTSC1In24CqRq7t5S8xASWFT%2B1LMwGmt67UxthFjQCbfUIv7%2F244TEVBLZIyKYr8mt98CZGMTLaAxIZpuOpxaYJR%2FPzs5KKCqagU8OukAr%2Ba%2FSEyJHOS4auDSyjY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809eb394abd8915c-FRA
expires
Fri, 22 Sep 2023 01:58:09 GMT
2D17DC9E3E7D0E96BDBDCD074D281D20E0445889CDF36AFB4561092102CB007915477D92489188E5B8E538E16BFAF0CAAEA357ED47FCD57A2069EB55BD84BC61
assets.ad4m.at/ Frame 9E5D 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/2D17DC9E3E7D0E96BDBDCD074D281D20E0445889CDF36AFB4561092102CB007915477D92489188E5B8E538E16BFAF0CAAEA357ED47FCD57A2069EB55BD84BC61
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea16990ad58e54886f6a3d7850431798f0f46733017ffde9bb794945611260a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
116478
cf-polished
qual=85, origFmt=jpeg, origSize=105636
alt-svc
h3=":443"; ma=86400
content-length
47704
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 Sep 2023 07:54:59 GMT
server
cloudflare
etag
"53c21d17c63a71a9eea197b0f005f3e1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tG1EiAg2LM2Y84c7YM01QHN%2BNnd%2F%2Fi2JCv3E5VYVbg0yQxMZ7Hb%2BqodnWNZWnehjBtWPrLbs%2BseSMn8o3vRyv62cGknQqzdeGKUDw%2FHGu00Jn0HyrdWESMTBD5SWqIb2HZNDdVNOg2%2FoMMnk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
809eb394abda915c-FRA
expires
Fri, 22 Sep 2023 01:58:09 GMT
449f5b35d42da361174f2f6b3b67dd69
min.tryiqos.ch/trck/epv/ Frame 9E5D 		43 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://min.tryiqos.ch/trck/epv/449f5b35d42da361174f2f6b3b67dd69?tp=onetag&t=img&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14231%2C517453%2C329291&b=8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk%2CxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2CRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7&f=Zx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ%2CYxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CQx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV&c=728&d=90&e=&g=81db5544978d0901e814cde68bae6ea4%2F14132338960290869897&i=17833%2C196936%2C113349&j=16%2C16%2C22&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1695261489030&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC0nIvLaMLZdOXAd6g9u8Pg7aPmA7E_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAlqJkWaV77E-qAMByAObBKoEkwJP0BPHGRF8VHXZIi7u03xCuicUkvWSte4Zs25DrieC4vn5y1RPNIgeRLIUHhIvHf61EBjpl2tMQwE5XjPZv8T0l7angG6BWBTqaIf93JDcthdb4JcRDLb55xT2fvYug0d3W-uk259OMvwHPiZS43K5iTjsHE8N08qE_gQx0zjA1jBgxPuQD0_KMBEcEJByG6b_iB-3Jd5GfKyHxttTPnslYVSmQ8BHTVilyr1oC0x68WW1tSmlxr0ckOrBaA3lPHifzWCWwrHecqPUwfMx4V4wCpRv54drArU7-1BSKIvsFsw0fK_4yzEmypzQADLa_GE8rnYlG-JTS8TlZAEniWovWhjsF9H7PUiHuJLWMk3yZESCyMAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYXzICigI6AoBASL39wTryCA1iaWRkZXItMjk1MDEzgAoEmAsByAsBgAwBqg0CQ0jIDQGwE9vL6wLYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526gclid%253DEAIaIQobChMIk-L2lM26gQMVXpD9Bx0D2wPjEAEYASAAEgJWZ_D_BwE%2526num%253D1%2526cid%253DCAQSQABpAlJWPQoz98peRfo7CH5D4ZuOJf-qGYgNJNCZ696YMvynKZmZx1SCA2pg5J8zr8o3UMsf29eZvuSXzLQQ2FIYAQ%2526sig%253DAOD64_0aRLjirbSVIXfl9ZffUYIdOqbM5A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-DROX-F3-i0Rt1rSCR-xH9m6E7f8-f07qLDGoYnIW6d0WzoRDPIx5Qw9DEso3ccDbOLhZX6-dPNn608TziDV3b8IfEaZZxT3nwVHFswMlty5qDHWkWW1yIEnrCUGdVIolKtElkWcWLcLG3ZHugnjs6MKTkcMlK8dcANl3qLGtkjYeCJ30M%2526cry%253D1%2526dbm_d%253DAKAmf-DZRzjJ5S3CqTA0gqzuMOa8gSqVUKvnyq-yK3QkXq_vM1Fik35GMjlOv6Ycv07zx9c8Zdwh6siFO8-UX16JpMWqXckbPW_v0GTKeJMD9DCGi6H8ascfh7SUR0sFZoSgV13_aQk4g36kjRXFKl6UUbCoeCMOTaQCesTkEiyAp8Dqq_xjYo8LMDV0kIEyfRPRtljOURL9dGkZXtwRVWsUNj_-2GwWzUkHWV27L77oBUwuwcOgMOQJ1j-dw_073a2AvEXgZIY8up0DAa5JV86nzCH6RT9uhjd09nVcNqtqcEIq0WVPn7nvIelqDB9ho_89yxDLGrDDXUBuHXnuOjTN5t-obFWrl22IN3DTzDTyuAirc_0WmhuA_M-TTtnTHlTHO04cKshWgtMZFy56t61IsBtvbl7KRUpWHZWrsMaWWhiemid0GwgxZ386iwo-Vw_6p_lgAlJpNXd55yv1-edcjwjV96LyCsk87JBys7T9oLCYleR06dHe9FX0qZ-HwMI5VhJAn4eroC1QNscFG_W88XqavtQMQXZPA6iT6cjTk_wj-BD1qDlfl4nNEXCuoRNenApFl3OocSy3CRR9CrF9UfvZnGCwcOwb48Z9kiB2ItaPnQhXFID9x8s8ffcETDjTzlgmIVA7s06JmgVVOikZGPEC6Eq1JxCU7AwFz8E5MVAp0bDIV2FPpAgtBruEoSB5rU-450Ud%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.143.112 Villeurbanne, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:09 GMT
Server
nginx
X-IPLB-Request-ID
C3CE6983:A064_93878F70:01BB_650BA331_4DBBDD:18707
X-IPLB-Instance
46722
Vary
Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-ID
Access-Control-Allow-Credentials
true
X-Min-LB
n4
Keep-Alive
timeout=20
Content-Length
43
track
s.seedtag.com/at/ Frame D32B 		35 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/at/track?d=UUhAZC_4UlBhvotBAbGJQEEDhseHqQVrfQ7fEaC5rqJYyN7vGD-AROZIR78Bsn8FLq-FwOSewK4FFWc0k_erGvEXifINfSTgGIOE2xjFC6CDNOnF4L85Meu0fuZ8_STgpusUIvJOZbpX5RqZdrGt3TXQ1sCoqi_oyG0pk5WoeD_7MVMcG0vuscsQFugLld10bog7BO8Bd-FHknAmT5Mhn5skltZzkiLIZNVUsDOsEb1vXmvEzfOKRrSs7IeGAGZpyUnVho87gYpMAwvoONmgH7I2SpZDgrA0zCsPXyyKnKEdeIaVygERNMlfYnvnTTLrDl63s40WQ5mnINOpTQQvNNOeFN6UTYKb5vhnitv4ByV_h5lHxjxKqwUXvprzjGswTCr_d_zy_2RgeUAaYbLNarxu4HJVsKdlYbQWllT7QGWlEI9DCW_-sn7gE3M78_WTQO2BJ3pMgA1GX_4cPShj_GWwfkbWLF49tTQ3_qP-RLbl8zl9JgiR1lI0ArQukpjEwcGnoqv7unLkx7-qfamB-Oqg4SUMl8qU9GijYjRVWXwDp35hjWUIQxF59kHe0e97nsepS3xCe0v5fiLQ9U1rSqzGkbJyJ0-YsikESHSewFo&c=t&hasLibraries=false&adunitType=inImage&sourceType=Tag&inventoryType=internal
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
image/gif
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
960x540-webm-800.webm
video.seedtag.com/63ff74f4df23a0002bef5a37/ Frame D32B 		254 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://video.seedtag.com/63ff74f4df23a0002bef5a37/960x540-webm-800.webm
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://extra.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cf-cache-status
HIT
x-amz-request-id
ZZ2B1DJZ7EC8Q2BZ
age
78366
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-1690800/1690801
alt-svc
h3=":443"; ma=86400
Content-Length
1690801
x-amz-id-2
wttqJbZCUDRAlMQB3DyTksk7KHTm+YM8llc+FGycxdR2lS3JXQrJYvIrHDMCyCmWleib7JD0xm4=
last-modified
Wed, 01 Mar 2023 15:54:02 GMT
server
cloudflare
etag
"9ce89a8e2f0a58ec69f44851251dc2b2"
vary
Accept-Encoding
content-type
video/webm
cache-control
public, max-age=86400
cf-ray
809eb394bba524c0-ZRH
expires
Fri, 22 Sep 2023 01:58:09 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1591799&asId=982d781e-d550-a047-62dd-bc498b8462fe&tv=%7Bc:oOx59R,time:420,type:e,im:%7BpWait:45%7D,vv:3.8.8,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:420,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:48,wc:0.0.1600.1200,ac:356.906.888.594,am:v,cc:356.906.888.594,piv:49,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B412~30%5D,as:%5B412~888.594%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:fwjsvid,dtt:0,fm:tQs8rvZ+11%7C12%7C1311%7C1312%7C13131%7C13132%7C13133%7C13134%7C13135%7C13136%7C13137%7C1314%7C1315%7C141%7C142%7C143%7C144%7C15%7C16%7C17%7C18%7C1911%7C1912%7C1921%7C1931%7C1932%7C1a1%7C1b%7C1c1%7C1c2%7C1d1%7C1d2%7C1e%7C1f1%7C1f2%7C1f31%7C1f32%7C1f33%7C1f34%7C1f35%7C1f36%7C1f37%7C1f38%7C1f39%7C1f3a%7C1f3b%7C1f3c%7C1f41%7C1f421%7C1f422%7C1f5%7C1f6111%7C1f6112%7C1f6113%7C1f6114%7C1f6115%7C1f6116%7C1f6117%7C1f6118%7C1f612%7C1f613%7C1f62%7C1f63%7C1f64%7C1f65%7C1f66%7C1f7%7C1f8%7C1f9%7C1g%7C1h%7C1i%7C1j1%7C1k1%7C1l%7C1m%7C1n%7C1o1*.1591799-73198396%7C1o11%7C1p%7C1q%7C1r,idMap:1o1*,rmeas:1,rend:1,renddet:env,siq:53%7D&br=c
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:43fd:8cd4:5872:a15c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B67 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5369611794210&version=m202309120101&ct=77&x=13&cor=16302050988041155000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1591799&asId=982d781e-d550-a047-62dd-bc498b8462fe&tv=%7Bc:oOx5bb,pingTime:-10,time:502,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1695261489505%7C%7C718e1f8ff6cc58d3e208e3cd9b60082c%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C27549781114627ed66a9c4ab6bbd7a85%7C%7C61e02ce7e497ab8794468178670e7c4f%7C%7Cabfb692f947e48d48c8a32479ae8d959%7C%7C708c19f0bed504904303c2f89db8813e%7C%7C254823b326cf2d997cf33b8516ced08c%7C%7C1663701684%7D
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:43fd:8cd4:5872:a15c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx
x-server-name
dt24.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx
t
t.lkqd.net/ Frame 6618 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 0BD1 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=44982, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 21 Sep 2023 14:27:51 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB76 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D1%26key%3D
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132157
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:09 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/58815/ Frame 14A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
0
date
Thu, 21 Sep 2023 01:58:09 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
cookiesyncendpoint
sync.aniview.com/ Frame CE6C
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1695261489337-948283613259-001244-004-000819&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-0...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=3&key=GDPR
0
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=3&key=GDPR
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://extra.globo.com/
age
0
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 21 Sep 2023 01:58:09 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=3&key=GDPR
server
nginx
via
1.1 varnish
x-varnish
591957578
cookiesyncendpoint
sync.aniview.com/ Frame 6171
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=200&key=OPTOUT
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=200&key=OPTOUT
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 21 Sep 2023 01:58:09 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=200&key=OPTOUT
pragma
no-cache
pixel
ap.lijit.com/ Frame F70E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D18%26key%3D%24UID
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:09 GMT
X-Sovrn-Pod
ad_ap1ams1
usync.html
eus.rubiconproject.com/ Frame E614
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 01:58:09 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 21 Sep 2023 01:58:09 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 051F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame 5AE9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D10%2...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=10&pid=59c9148628a0612da3689288&key=lIBltm0HGXpD&ev=1&us_privacy=1---&pid=562704
0
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=10&pid=59c9148628a0612da3689288&key=lIBltm0HGXpD&ev=1&us_privacy=1---&pid=562704
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
de-CH
cw-server
bh-deployment-f59c96d6-9g5rb
expires
-1
location
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=10&pid=59c9148628a0612da3689288&key=lIBltm0HGXpD&ev=1&us_privacy=1---&pid=562704
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
cookiesyncendpoint
sync.aniview.com/ Frame AA0F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D105%26pid%3D59c9148...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Thu, 21 Sep 2023 01:58:08 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
server
envoy
x-envoy-upstream-service-time
0
cookiesyncendpoint
sync.aniview.com/ Frame 6D52
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1aa012a2bef51c412593f7f964e35b&_fw_gdpr=1&_fw_gdpr_consent=
0
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1aa012a2bef51c412593f7f964e35b&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 01:58:09 GMT
Expires
Thu, 21 Sep 2023 01:58:09 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=1aa012a2bef51c412593f7f964e35b&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1695261489344062-358
pixel
cm.g.doubleclick.net/ Frame CDEB
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1aa012a2bef51c412593f7f964e35b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7282223796728647955&gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=1&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAGosE7KF0YAABnKmyoZjw&dataProviderId=817&gdpr=1
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1aa012a2bef51c412593f7f964e35b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7282223796728647955&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=1&gdpr_consent=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=1&gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 21 Sep 2023 01:58:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 21 Sep 2023 01:58:10 GMT
Expires
Thu, 21 Sep 2023 01:58:10 GMT
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=1&gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1695261489823093-383
merge
ce.lijit.com/ Frame 7139
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D52%26key%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXA...
  • https://ssp.disqus.com/match?bidder=6&r=Cid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3L...
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNI...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3LTk0ODI4MzYxMzI1OS0wMDEyNDQtMDA0LTAwMDgxOSZiaWRkZXJuYW1lPTUyJmtleT11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYMOAI=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Thu, 21 Sep 2023 01:58:10 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-MERGE
GDPR Optout true
X-Sovrn-Pod
ad_ap4ams1

Redirect headers

cache-control
no-store
content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT
expires
0
location
https://ce.lijit.com/merge?pid=279534&3pid=ua-1dcc098a-cb1a-3217-902b-cd5ebb256706&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYQ____________ASqXAWh0dHBzOi8vc3luYy5hbml2aWV3LmNvbS9jb29raWVzeW5jZW5kcG9pbnQ_YXVpZD0xNjk1MjYxNDg5MzM3LTk0ODI4MzYxMzI1OS0wMDEyNDQtMDA0LTAwMDgxOSZiaWRkZXJuYW1lPTUyJmtleT11YS0xZGNjMDk4YS1jYjFhLTMyMTctOTAyYi1jZDVlYmIyNTY3MDYyAgYMOAI=
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 7234
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=55&key=7078119663561859382
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=55&key=7078119663561859382
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ca2a5108-5a44-4537-8d4a-5cb17bed67e2
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 01:58:09 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=55&key=7078119663561859382
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
getuid
eb2.3lift.com/ Frame 8272 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/getuid?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D41%26pid%3D59c9148628a0612da3689288%26key%3D%24UID
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 21 Sep 2023 01:58:09 GMT
sync
x.bidswitch.net/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1695261489337-948283613259-001244-004-000819&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.60.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-60-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D
x.bidswitch.net/check_uuid/ 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.60.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-60-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cm
u.openx.net/w/1.0/ Frame 5BA7 		43 B
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-915231903259-001236-006-006080%26biddername%3D23%26key%3D
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Thu, 21 Sep 2023 01:58:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 09BE 		222 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
99c65b45011c8cc1887a9028fb5f5baaa3a7983ca88598b3a45d6a25311ee93b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt7GqPZsgPfz5nsazEMAB1nIQstcWU2RhS9htnqTttSXXoaE3WDEQ7SnJjv30WPVosdEx6TUtUU2h6EkEMRdzaAODr1tWQn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71816
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"c9b181d284ad064cbec87f0257ac82c2"
vary
Accept-Encoding
x-goog-generation
1695048440620728
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QHb9Vw==, md5=ybGB0oStBky+yH8CV6yCwg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
71816
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:09 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 09BE 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt3F515NWySdCufHuQzvGwCurc4k8wZ9f4n4UFGVjqmatDyz3eux5HpYtJrL3UpxALWGE_xCYuFBgECilGZTuVitQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"9d483b0db38e960f5c12c6299791b325"
vary
Accept-Encoding
x-goog-generation
1695048440650389
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=AciE/g==, md5=nUg7DbOOlg9cEsYpl5GzJQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:09 GMT
usync.js
eus.rubiconproject.com/ Frame E614 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:53:50 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35657
Connection
keep-alive
Content-Length
10516
Expires
Thu, 21 Sep 2023 11:52:26 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:09 GMT
server
nginx
t
t.lkqd.net/ Frame 6618 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
csync
sync.spotim.market/ Frame 9494 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:09 GMT
Etag
e30acaa57d00effe
Server
Adtelligent
cookiesyncendpoint
sync.aniview.com/ Frame D266 		0
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=1&key=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT
khaos.json
token.rubiconproject.com/ Frame E614 		7 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMSIWYU5-1Y-417D
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 0BD1 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1695261489962
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:10 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=47542, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Thu, 21 Sep 2023 15:10:32 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=1aa012a2bef51c412593f7f964e35b&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml1229_7282223796728647955&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261489886089-379
Expires
Thu, 21 Sep 2023 01:58:10 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 0BD1 		301 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1695261489557094-401
Expires
Thu, 21 Sep 2023 01:58:10 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 0BD1 		67 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C59871%2C1%2C20712855215037029481949107963%2C%2C&_fw_gdpr_consent=&vav=ceb88322f18c14a413625349372842dc&vaviv=72b9fe4f82b21f6d04273dd57b80d7c7&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261489821041-397
Expires
Thu, 21 Sep 2023 01:58:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		144 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
db2a2c00742d90286ebfea9b4f1a58d3ead9cec3d0a190dcd66cc287b87e71c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:10 GMT
an-x-request-uuid
f5414ffe-a6a7-4324-b89a-5d5b0f850569
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame E614
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&khaos=LMSIWYU5-1Y-417D
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LMSIWYU5-1Y-417D
0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LMSIWYU5-1Y-417D
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:10 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&pid=59c9148628a0612da3689288&key=LMSIWYU5-1Y-417D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
cookiesyncendpoint
sync.aniview.com/ Frame 398B 		0
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1695261489337-948283613259-001244-004-000819&biddername=1&key=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1695261489337-948283613259-001244-004-000819%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.105.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-105-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
0
date
Thu, 21 Sep 2023 01:58:10 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261490023009-385
Expires
Thu, 21 Sep 2023 01:58:10 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
14WHF8W5JMAV1QFBF8KD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261489623084-371
Expires
Thu, 21 Sep 2023 01:58:10 GMT
ev
s.seedtag.com/e/ 		0
14 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/e/ev
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 21 Sep 2023 01:58:10 GMT
via
1.1 google
server
openresty
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 56F4 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=44981, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 21 Sep 2023 14:27:51 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695261490289&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1555&pt=252959965&tz=120&viewable=true&ddast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=2058055&dpubid=375975&abtst=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vG!ul3342_vB&mPre=0.033&cirf=https%3A%2F%2Fextra.globo.com&en=1&subu=3&panid=df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44ef27d282c60679f606f3ad5564ae043ed12516d368ad8d6c6634d56bdce1e9

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 21 Sep 2023 01:58:10 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1427
x-cache
MISS
x-served-by
cache-fra-eddf8230092-FRA
pragma
no-cache
server
nginx
x-timer
S1695261490.299872,VS0,VE52
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 56F4 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1695261490316
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:10 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=47542, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Thu, 21 Sep 2023 15:10:32 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 56F4 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261490233024-363
Expires
Thu, 21 Sep 2023 01:58:10 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 56F4 		301 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Cneonction
close
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1695261490168027-396
Expires
Thu, 21 Sep 2023 01:58:10 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 56F4 		67 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C59871%2C1%2C5037029481949107963920796807%2C%2C&_fw_gdpr_consent=&vav=3f9556893b5fae75a72b022b66fd531f&vaviv=ff2bf0f9c9e4e50d223d6ed78b66186a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261490112055-360
Expires
Thu, 21 Sep 2023 01:58:10 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:10 GMT
server
nginx
t
t.lkqd.net/ Frame 6618 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
/
vast.aniview.com/api/adserver61/vast/ 		905 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261490367&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212313,1,1776686410,editoraglobo-extra,extra.globo.com&iiqpartner=755298539
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
8d97b692eeed8d933610eea1368dc7ed4df32048c1824f9aa6351a99d3647351

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:10 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261488.dop263.fr8.shc,1695261490.dop263.fr8.t,1695261490.cds226.fr8.sc,1695261490.cds226.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
user-matching
ads.stickyadstv.com/ Frame 56F4 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261490003052-392
Expires
Thu, 21 Sep 2023 01:58:10 GMT
user-matching
ads.stickyadstv.com/ Frame 56F4 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V7N8CFDPG73WHK0ZKWZJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:10 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261490295015-383
Expires
Thu, 21 Sep 2023 01:58:10 GMT
usersync
usersync.gumgum.com/ Frame ED3D 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:10 GMT
Expires
0
Pragma
no-cache
SPug
simage4.pubmatic.com/AdServer/ Frame 232D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:09 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame F6E7 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:10 GMT
Expires
0
Pragma
no-cache
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:10 GMT
server
nginx
t
t.lkqd.net/ Frame 6618 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC84 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132156
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:10 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3AEB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
69738
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:10 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 385738
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230131-FRA
X-Timer
S1695261491.710552,VS0,VE0
usersync
usersync.gumgum.com/ Frame D81B 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:10 GMT
Expires
0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame B8C4 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 21 Sep 2023 01:58:10 GMT
Expires
0
Pragma
no-cache
async_usersync
ib.adnxs.com/ Frame 3AEB 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:10 GMT
an-x-request-uuid
89dbfbf0-2328-4a68-8ac3-d88f594eeabd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame ADC0 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:10 GMT
truncated
/ Frame ADC0 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=61620715-b7a3-4cbe-9dc0-20832dc2d6dd&rando=19&pid=621cca388ba47d78a102e506&cid=62ce741fc6e4546c8d7def07&stagid=&stplid=&e=inventory&vi=0&cb=1695261490888
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame ADC0 		222 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
99c65b45011c8cc1887a9028fb5f5baaa3a7983ca88598b3a45d6a25311ee93b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt7GqPZsgPfz5nsazEMAB1nIQstcWU2RhS9htnqTttSXXoaE3WDEQ7SnJjv30WPVosdEx6TUtUU2h6EkEMRdzaAODr1tWQn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71816
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"c9b181d284ad064cbec87f0257ac82c2"
vary
Accept-Encoding
x-goog-generation
1695048440620728
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QHb9Vw==, md5=ybGB0oStBky+yH8CV6yCwg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
71816
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:10 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame ADC0 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt3F515NWySdCufHuQzvGwCurc4k8wZ9f4n4UFGVjqmatDyz3eux5HpYtJrL3UpxALWGE_xCYuFBgECilGZTuVitQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"9d483b0db38e960f5c12c6299791b325"
vary
Accept-Encoding
x-goog-generation
1695048440650389
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=AciE/g==, md5=nUg7DbOOlg9cEsYpl5GzJQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
179f5fbdd7194be791a7f0e342ef1595449c98423c03cbe92b499649ebe833a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:11 GMT
an-x-request-uuid
c877daea-58bb-42ac-bfcd-0a9745d4b74e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame B7AB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=14024886&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a07624a3136d8dd528c77fd1db3c64f2715cf6fe18679e1b9c68dfd36acce4bd

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:11 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1514
all
csm.eu.criteo.net/ Frame 2155 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=IIIHpnKe1Ktls8WuMgyU8otKB-Y4WUHrXmrxZOiUCqLysmxiIrsX79NRUWoH63uDMHHuZBub7PAkh3RRH8yIfnBIJ5ASISYWHHueNAgMyISRR7tJSsh040TP8Z5tjVr0QEZ5py_LhSTXwLZvZ6mcpBOFUIokgPo88cLVWbfTqya7WvpvaUgl6n0FJSlGoyHOiLdS_8X9KXxkI0qnqWuvuTvoOZlfPXBNLMWFFdIpxMHbmPxggQIQrKzw5hu_mNswINYlJQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQANS_UK3oybAAyIvCpqjTFF5NKTH8769g&u=%7CXjATkX2pIQMvags1HSAP1Xb8sZO4B3C15X3VZHFq4Qk%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2VbjBE30yWNVeKP-DrcZK6qd_0LxqtSDAZxv2BjuWqB9fvfvkS9v5w06kORLnDFW4WFHWZCGveMIXJ2_HgVihJtftdeIwXVT4D7BVnfBbApVDJkT3fhjLCHSKNbdEYzbMiJMH7OtBw4ZSdfJUN5BibbbJ5l5ppPmlUSpwq1YVMH4zvYpZqW2C0tR4le1JdSyKEo2F8wjY8PlyDYS3p4PuHhF-36NwrHCXMO4z59plZ6tNYo3ebAyMWH68tRvW_3K_yWH1TZfhRghzMwM3vM7kzx6WQIYXJujvrxEy7_3UdsE4caRACRUirbE5q0OEUwOCDn8-SBX4RdXLy0wBOhGwJyREx8U9MfI3EogQ_TFG5DofmzHfj6Ea5uYDb9Y1LjUz1dN0j8B4zNvMIPkDGDlGYcetd1eB5lepZfXyyHCQ0BD6qHU3HBPHkhnBK1jTN4cwUrU-NeexsvkWS05SihvPqttQqBcZIJDhXwy6TERkQMNU5QfO_FGgPZg4otvA7Ds8egYcBUCySIMaIvP8JWvI40Zvt_HmCIXwF5ePu9m0VZHPc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwomaKaMLZfWXNZuZ-ga8kbLQD8me0rFc9Z2Y93DAjbcBEAEgAGD1lc6B4ASCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCujd5SF7isT7gAgCoAwHIAwKqBK0DT9CB_btKipgKfAsQnSR3Mu9etGmWuKDi3OHsGX-5FbBgSNxWAjWbmxGAefL9Jy_S39N_5pHyBgZncmTsAPmw90AAbgxjS_ugUcjMpX8Y_nKlNvP-RwCiBK_cVh9XaOY1F1XyYPmGFKOeSRDVXkA4kTc8qatZo2SxMCGoDKXURieu-LJbw1J7dvJHoOs-bzaOoE90Vs0nhAlCCITu6IsKaA2oZpf97omYZ-RkQtl8j3ELZTKWZVWdmFtzZc-gaSTheICfrgT9TCWj8w77d7vt23muZGH_C4KzxLkkrRobSrz8ksWotMMvj_99oCX1KplLf61IAdiGaG82i_WUljzcSh5RkkKXFQzw5zzugeS3GFYlv1aTeFZH4BDsqJF2pnVT2RCEGJwv5XtIj48X0JtlQWoCoEg2WBtGBkxet-gQmOZaxV0EIlLrm__LfD3x2OZMPZhGrBhywU-76L4WMp6MjgUr-8x0eLIIqnwnsnpbWjbri6IrYhYVcz5amzZ7dujy_FAblJft3L3CJ64atpMBk1Gdv_sULjHvYx6o-hL-XycEveNzcpRZU_J_kXz34AQBgAbupIOpr9Xfr1mgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2vvi_STlc2BsAZ4UwDyyFP2He77Q%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
vpaid.js
ad.lkqd.net/vpaid/ Frame 9D4C 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:11 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1695261491.cds215.fr8.hn,1695261491.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
all
csm.eu.criteo.net/ Frame 7CC8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ZbabOXKe1Ktls8WuCLlu5IKT0_oyGaTBo43-l5AS2N4J05QQfi3HJGZzdBWY2e9SCLAAgcs-MD4Niq7WRQreCiQik0vQyC7e1_ujV2dxgsT8_FAESIrIBez4LWJZaoT0dO3knU3Imhev1TRAocIAJ7SOeHZR7-CTLMeg5AdRotwvp_srpqzvLHBXLdrmf8spznEYQTSQwdPNxEwuGTYD6iKIBCp32saf2JQ5f-XdpWbKe8Djt0-vaptrO2X9DILyDV8_TQ&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKgAAOgIIVRPnAAIqZm7KAH9DEFTyWxiWRw&u=%7CENoJiYx9%2BIPD3kIPAWZVyQ6fW3l1gyLJXDAJgN%2FIVJ0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNq3-pxKMVsrD8omUlRR6RplaanJFN1_xneCUv155W728AL0do5imaTSaKWL-XEE4MGhni6miofD_TBUard1I9ZFcV_gYZnuYHnbbV1ootj0vBHs93pBlsEL3OnatO_vInLNLVGzshDZFC9L_mCGfB-XytOXLb5OvCGCns5HNx9Ty_qVl_PqPnjJa8ZSIi7KG21rHyYGoMK2RrR_GRdEA_rslLAYFVyEQPXPJeOPb_-2bdG2aFaG8h4s3NNX_ooaz4-UKbruQOBHQRp-7-YavqfDxAux80Nv6GvETzXlksYmF89--Ela1-cCbEM_s-ya0Z-zDOgxzT0a9p0DW4iyw0Ee95_3e3AS7v8g9IcO5oIoChEN67J51dobFXsNGivr5tZbWZSl_1ucpcGiO5P95vh6vkpd46oY4SWhsTRhj-KeX-JwIeg9hGt5FddwdTidpjLxby_8HRQGIbcl0bEO7SodBCid9Wme4BBeXMGNXiFPqwYmyig-HZ_ivUl48zb7478ULOo67BqpW2lJorMxbPqIk-yzIpAfI6UAtfnS9xSyPTHMyxhPjgWz73_6v99VuBvlmHsSS3eyumpV_9WkG0fxw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCgJdkKqMLZYJ056fU8g_m1Ij4DMme0rFctZjj1pMBwI23ARABIABg9ZXOgeAEggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQmpAikNNiGa7rE-4AIAqAMByAMCqgSoA0_QYj6etTQ5Immnkh63Q2rV6OpENrTuOnjvfGHvxvmkH_fnqnkFPzbP4227RIho1Pnc0Uq08us1a6XDEJm1vnkITns_fKqrUnwqOi2MtmZBKeC9AWl7ufHHGToGC3r767WaWnxaeXo13rK_YNn7B1ZhkOzENNAVK_Bb7jv__WPeMNmg18ktWvSS6IZa86n6hDuOkvG4XkyMYYQqZTOUiJpxuv8dJVuaL3H98gz5fGQm9RCnKzYYCYn5wGJLoi2a3q2MsNhoi7WfpYdZ6eeLGZqU1WOO_HslJ9CQjvwYi3aQhNfwyeHj1pD_Pru7IN7Ny8aQKp8jws1cKao75dXIqVJKsbEHLwRR3ICoLvfktDQYHtkwo7Ujzn6x09gGMFTnPjufI_1l3YOVPKwxzfu0vA2nnFSYrZKIqtto7oPk63o85fsl7k_FpCiCmHh64LuHvHpcpLbam70WShUGfhB59x-yfrNiKEEOQb9Js0ILLcA7fy34Wh3pmyNmtLdUV1tFgTSXZoIudde350KFkxwpq5WUu888tUJAW3JSxSXzBr-ANOOI4eddtLrgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2FU5kbRNpkGTPEROpWJlzuIzNAEQ%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 1A32 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=n19chnKe1Ktls8WuZmzyh-_nlRyF0FaS1XkB5EppJO2pe_ecTZe27-Fo8a4Sz578xnfK04nKfjWus2A3YnZQaBTOxak3laqfZ_4UycASFqG8QeRlYBMZAD05a79RnHvGri7sWNFmqcK66Z9fB3yyUlUCK1vblSvK1bY9Lt_KbCC0a2kaS-xehnagTXO_pgDo5lkuZtdm03ImwlTO5DFIDnBJn9NMb1Q3kbVYKFZHOKw6LrLvBnP-V7B1W9V8BTr91P9J7Q&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQujKQAIFRgK4GqFAA5jj-wYajExDSNNZKTUZA&u=%7CXjATkX2pIQO4tJVT%2BPOEp5ZFlMOS%2BndR0Vj9RY%2BDw%2BA%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdhoxLfz-cNqzFiF5C1iIi-No5dsH_gGJ4pjtOn2iYJjjsO8LPGt2Vb3kdStZ7KjJ06lXPoxjyDrf3QU601MhbxAs_vHxZy0pisJYVD-tyb-q_1vCa7TcRxU_msRkblrmKhoac6Pr4C8u609e1OtgnZWl99zP0SnUsmwZqG9P0TUDvfWyxEb5_OeZDo53Z2f8qw2BkCVYNWbk_ePY9N36cpFNBOMluAmzVzKW3HWqCleSJLD0DsV4BeEMXeIOCbmzir_lXNIAtzqvhAB913NdayTfrR7oeCklZxhfXodD0x-Oulnf2PqZeFBn8tKYxLGUjdJ5HZhZBRTaeuh6IFo1pI3LBIIz95BnSmE7lZFCebVF9XbBWYuzkA8D1cY-c56g8aITN_yOPx_CFSuq52u1PfB4gh78DAAXzyvzcmqNFcIQTBFnrWYVC9A5RALEqX-xxBFM0VPT9h68hXteXLAeWyYjwvF-i6BlbsRo7Bl5ReCuOt13lBIFFiwh1XGcV4SBr1N6Q8D4n36dGfRxkklYUbTTgllZvJY0OwCx3b4-Ct-iub4WgtnwEgEqwUeBjLGWPdDLtMALRfynk_rs31NUlYUMQi8UI1B4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCvtIeKaMLZZiqIIXVgQePx7kYyZ7SsVzVnZH3cMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJqQKHagKEr9-xPuACAKgDAcgDAqoEsANP0NwNOGiRRyEWz2We03yk365GGqMB1nKNcXrj3bTx_iYaHNLSRLwM4Cbc65dLbU5cqLOserikk-2UlyvY7o-LUnAGidmewCsm-OisSLX8QKd2_Rnd7e1e8t8M2gpF2k5kpqwZiQxf1CAbsZ_0bcIUMy8D0OfNrJ9nJoJZirw6zeqzvjsP0Hda3unCQ0dWd-DcgwnSchXGwWC0jhRTY7cj7OZCcD-3Mm66ew8cHxQKO_tl5P9uSdtM0EFjhn4sdeERMsQdL6pz-r6K4cApziyYJPTFhsCkm4sVO-g8z5u_D7dwsqR74dqPXNNKD2oJxgjxVVz8-MTS9nVCHLdSIAVC5Y0uBqNKVMTeijDJ4bYCjsYwR8yxJWhQfVIf9HWegPoe4Z-KOzprH6-ZZuf9NtMRnTZ82SisD24bIoZs7Ft8qeCKDFhzpJwNWuRdEn9XMQt8sHG5dwBc0wrLPQJF4Z7IcqpTbVOcTayICOh-dHJdLeYRlyQL4q26MbGnlljMHDDWHaZw0OML-3zLqyf9WwGGITBKe3r1jmiF_RKbBpyQ9_39RrZmixkc1HQzFkMZyBjgBAGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2OhEf1XLEgmNYCqnckCaAqryxG9g%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:10 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
usync.html
ad.lkqd.net/cookie-sync/ Frame B097 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:11 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261491.cds215.fr8.hn,1695261491.cds226.fr8.c
ad
v.lkqd.net/ Frame 9D4C 		52 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=14024886&m=&rtv=1&thost=extra.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
1ce3def28719a71258b0cc6a55b7828981aac60df5f99b8a63272705ccf65374

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4501
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=14024886&m=&rtv=1&thost=extra.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 21 Sep 2023 01:58:11 GMT
server
nginx
pubmatic
s.seedtag.com/cs/cookiesync/ Frame E5DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=B499B7AD-7917-48EE-AC2C-59DD92D48E33
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Sep 2023 01:58:11 GMT
server
openresty
via
1.1 google
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:11 GMT
server
nginx
t
t.lkqd.net/ Frame 1EA8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:11 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6EBC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
69739
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:11 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 385741
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230131-FRA
X-Timer
S1695261492.627772,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8112 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132155
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:11 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 6EBC 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:11 GMT
an-x-request-uuid
4bebb1a7-bffd-4af1-a9af-9e6175585567
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3AEB 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:11 GMT
an-x-request-uuid
970ca3b0-e9c4-416d-9851-45a08ffaa210
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C2647732514516417135561684304%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
35135
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		814 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C5964987064516417135561684304,,&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
87792d280904fa09e27c96238a152b058e1a0413aad5f1ae12dfba3fee1e072f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
814
x-sticky-vk
1695261491960048-389
Expires
Thu, 21 Sep 2023 01:58:12 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=3&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C16831819224516417135561684304%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
90913
/
adx.adform.net/adx/ Frame 6905 		65 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://extra.globo.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C45164171355616843041690333414%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ff3c597073aff0bbf75ff9f9dd7320becd65b0392fa65811ae0c09e43a61453b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1695261491638092-353
Expires
Thu, 21 Sep 2023 01:58:12 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C15624942344516417135561684304,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
215849
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C19166967964516417135561684304%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
120799
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_4_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:12 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx
t
t.lkqd.net/ Frame 1EA8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame CCC6 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=44979, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 21 Sep 2023 14:27:51 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame CCC6 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1695261492546
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:12 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=47540, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Thu, 21 Sep 2023 15:10:32 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPAC-EbmlI9tSg7c9RqgHz4&google_cver=1&gdpr=0&gdpr_consent=null
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1aa012a2bef51c412593f7f964e35b?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-459V4SxE2oMnCm0HpiQrLJHvKj1S6fR_h0KKQTJ6~A&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261492647017-392
Expires
Thu, 21 Sep 2023 01:58:12 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame CCC6 		301 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1695261492209083-336
Expires
Thu, 21 Sep 2023 01:58:12 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame CCC6 		67 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C59871%2C1%2C5964987064516417135561684304%2C%2C&_fw_gdpr_consent=&vav=a2b9a28bc8e0297bfbad4289b98509aa&vaviv=bd9105ff029126c699019143ea33c2bb&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261492337064-396
Expires
Thu, 21 Sep 2023 01:58:12 GMT
t
t.lkqd.net/ Frame 1EA8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261492452050-382
Expires
Thu, 21 Sep 2023 01:58:12 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZNA9H69597BZGFXYY5J9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261492341054-332
Expires
Thu, 21 Sep 2023 01:58:12 GMT
truncated
/ Frame 9D4C 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 4783 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=44979, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 21 Sep 2023 14:27:51 GMT
async_usersync
ib.adnxs.com/ Frame 6EBC 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
an-x-request-uuid
4f9682e2-8c2a-43f3-b1b3-fd4cc93e8d02
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 4783 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1695261492750
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:12 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=47540, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Thu, 21 Sep 2023 15:10:32 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 4783 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/1aa012a2bef51c412593f7f964e35b?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-459V4SxE2oMnCm0HpiQrLJHvKj1S6fR_h0KKQTJ6~A&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261492435086-378
Expires
Thu, 21 Sep 2023 01:58:12 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 4783 		301 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1695261492574039-360
Expires
Thu, 21 Sep 2023 01:58:12 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4783 		67 B
1005 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C59871%2C1%2C45164171355616843041690333414%2C%2C&_fw_gdpr_consent=&vav=b5f59b86c2a17b6c43780181eb6f1d65&vaviv=42e93e02baf9adbd4ab6bd4d9d6f3cd4&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:13 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261492337084-365
Expires
Thu, 21 Sep 2023 01:58:13 GMT
t
t.lkqd.net/ Frame 1EA8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:12 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:12 GMT
server
nginx
user-matching
ads.stickyadstv.com/ Frame 4783 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261492773021-419
Expires
Thu, 21 Sep 2023 01:58:12 GMT
user-matching
ads.stickyadstv.com/ Frame 4783 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
79QNWWNGTS7XZYZPC7JB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:12 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261492722037-366
Expires
Thu, 21 Sep 2023 01:58:12 GMT
t
t.lkqd.net/ Frame 1EA8 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:13 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:13 GMT
server
nginx
extra
horizon-track.globo.com/event/ 		0
364 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/extra
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryUXUeHwiimNTcqRiM

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length
0
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1695261493309&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1555&pt=252959965&tz=120&viewable=true&ddast=V8W5MCLAZsWGgAeXhqOxLYsNAA8vDUdiwAAABgYID-AAlNRguPzbVaK2ezzVo0GznWysVm5Fa4bAvDaLcxjFy2ISChyWjhsblWa-VstlmLZiPHWrnYjNwKl21hGO02hpHLNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwRmoul0-Fz3epXxdHnYdWa_xW_X-N1-lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7MdAAAAADz4____hwAAAAAQAQAAAEACAAAAAIWACv8WBC4AAAAAYPj____XAPDMgUAcHqM_AAAAAIAAAAAAIAFQwHtaAuDj7OjE_________3-MAfrMGxn_____Nwx6ADz4AHgQAgAA8DGELxhERNOZK5ZIAWcRRgAAAACGndMGj0zSCSoWVf7___utAFwBAAhQrK0jc82iOyjxFgYAAKBgzAI9LH6_2WHX-N0u8_________9v5v_MPxohHubmNEELrhRqfgEBANb8AgIAsFE3AABvBOAEHYJWDAaroxC74Wywmww2k9kBAAAAuPP___-vB8Rcs91sYfKtNsORY2Fy7Aaz2WC3cHlGzpFrMZxsDyQ79peLN09DnxBhmf2-g4JyenrMLoOo6Hpb7A6n2XMQHzQMy8kgmJ8JW4xWk8lmOZwtF5PBcDQcjfZHAJcDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGqzcWxGLtdatluO1qKJZ7YWbnbLtcQz862Gq5nNs1i5Ra-P6WNYTYYLjxcJBnzuRfK0SCeSzcw38Y08G8PEsRuNHJPNbOGaODbLxWK4GY2WE7FEc7JIJ7LLvuaa7WYLk2-1GY4cC5NjN5jNBruFyzNyjlyL4WTf2mwcm5HLtZbtlqO1aOKZrYWb3XIt8cx8q-FqZvMsVm7R62P6GFaT4cLjb8yWq8lsMRqO9o3ZcjWZLUbD0b5DZ_iuPmejbXNOeVzekrFwXd6cBoXLYPG-1KfzsGAsmM-eo9PlsTyLOqPf7_f7_X6_3-_3G7Seg9mg8D0Pf-H0sTyXw9noQWwwKGKJ4CKdqExO09_y8Jn9Fr9bZTxdHhaxRGm6SCd6lcdv97udDr_cb3p6nA6_ZDDZ7AXDvcpzuLtlD6dbY3k6LG-1w_JxuEUut8Lw95wenrfKc_hbTk_bw_NWud0Kj99y8rs1frdb8jK53CKXW-PwfJ52v-ct97tlD7Pf8ha53KrPW7KWOM1Gv8tz1xlNb7NFLBGcLtKJ6GU8XdR_9BDL1VwymM0Vg9VcsVmsEgAAAAAAAACAJZhmugkAAACAk8HsVsvdap0OZLAaDlar5QKQ-MvU9WNfug6yEjSyayZAsaMVC4GmWGOPSZTJafpbHj6z3-J3q4yny8PKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94Eplpx_____-MAAAAEyKEHAABAvw_oCmL0WqEnjl9BDIbDyf4BqBBrtVrdbqzVagU0kNFqMxhN4P___z8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=2058055&dpubid=375975&abtst=expl_vE!nonrv_vA!tbt_lit_unit!ufm_vG!ul3342_vB&mPre=0.033&cirf=https%3A%2F%2Fextra.globo.com&en=1&subu=3&panid=df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9f7c5c7402c7393f38a2b5228ed4e76786e0404bc4c7ed0d3171de16525af12f

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
server
nginx
machineid
1408
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<https://vast.aniview.com>; rel=preconnect,<https://vast.aniview.com>; rel=preconnect,<https://vast.aniview.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ 		905 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261493429&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212313,1,1776686441,editoraglobo-extra,extra.globo.com&iiqpartner=755298539
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
515afbcddbb10cbbf772f4a0e4eb8f44a43702f7ed211055eef9bff0386a95c8

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:13 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261488.dop263.fr8.shc,1695261493.dop263.fr8.t,1695261493.cds337.fr8.sc,1695261493.cds337.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
/
vast.aniview.com/api/adserver61/vast/ 		905 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce739af7dbc53bae7f0fe6&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261493429&AV_WIDTH=700&AV_HEIGHT=393&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212313,1,1776686441,editoraglobo-extra,extra.globo.com&iiqpartner=755298539
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
b333aec16065d4e4d15b10da8530a7f3954db8836bda8aeff34ca1dcf8babf0e

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:13 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261487.dop221.fr8.t,1695261487.cds323.fr8.shn,1695261493.dop221.fr8.t,1695261493.cds249.fr8.sc,1695261493.cds249.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
/
vast.aniview.com/api/adserver61/vast/ 		787 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=645c88ca4aa578f6460438d6&AV_URL=https%3A%2F%2Fextra.globo.com&cb=R0.1695261493429&AV_WIDTH=700&AV_HEIGHT=393
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
86facc779f360ee0c0fab4211bfd06ce034d77d05837c58b2a83bf26ce1b2de9

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

Date
Thu, 21 Sep 2023 01:58:13 GMT
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
X-Bamboo-C-SkSt
1
Transfer-Encoding
chunked
X-Bamboo-WL-Track
track1.aniview.com
Connection
Keep-Alive
X-Bamboo-WL-Player
https://player.aniview.com
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/xml
Access-Control-Allow-Origin
https://extra.globo.com
X-Bamboo-WL-Serve
gov.aniview.com
Access-Control-Max-Age
1728000
Access-Control-Allow-Credentials
true
X-HW
1695261487.dop207.fr8.t,1695261487.cds288.fr8.shn,1695261493.dop207.fr8.t,1695261493.cds226.fr8.sc,1695261493.cds226.fr8.p
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
ad
v.lkqd.net/ Frame B7AB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=37577730&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
3ed7c611b6f9ddfb96357e8a5dbf4fce3db9b592ebd6a3e464e1746e0b5935d0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1516
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&sid=AkJekfYMEPKRY4dv&oz_sc=c1e9db5944cf3d08e0843a33&oz_df=1695261493669&oz_l=503&cv=3
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.104.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:13 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
vpaid.js
ad.lkqd.net/vpaid/ Frame 2A12 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1695261493.cds215.fr8.hn,1695261493.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame A6D8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:13 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261493.cds215.fr8.hn,1695261493.cds226.fr8.c
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=37577730&m=&rtv=1&thost=extra.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 21 Sep 2023 01:58:13 GMT
server
nginx
ad
v.lkqd.net/ Frame 2A12 		51 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=37577730&m=&rtv=1&thost=extra.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8cff0d5d9cb04ce5dd461284b8961343333c429f08a9c202435cb3dd90046e2a

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4106
AVmanager.js
player.aniview.com/script/6.1/ Frame A9CB 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:13 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 857E 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:13 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame C7EC 		478 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=645c834590f2c48ad908f465
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.5.5/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufo14zJb98eMM3jmpED4Y9nFD_hcFyKrqLe5VfRnnaysViJjNLabyABIH9r-H3oaY0W-hs85s2SOBgZR8vjyT30iMFM7hL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
131010
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"36dea94d8ba7d6fda4ab98b1fec82dce"
vary
Accept-Encoding
x-goog-generation
1695048440043040
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=N8ppLg==, md5=Nt6pTYun1v2kq5ix/sgtzg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
131010
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:13 GMT
truncated
/ Frame A9CB 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=a44811b3-7797-494c-aab5-1b861a7802d2&rando=42&pid=621cca388ba47d78a102e506&cid=62ce741fc6e4546c8d7def07&stagid=&stplid=&e=inventory&vi=0&cb=1695261493937
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
t
t.lkqd.net/ Frame 380B 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame A9CB 		222 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
99c65b45011c8cc1887a9028fb5f5baaa3a7983ca88598b3a45d6a25311ee93b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt7GqPZsgPfz5nsazEMAB1nIQstcWU2RhS9htnqTttSXXoaE3WDEQ7SnJjv30WPVosdEx6TUtUU2h6EkEMRdzaAODr1tWQn
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71816
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"c9b181d284ad064cbec87f0257ac82c2"
vary
Accept-Encoding
x-goog-generation
1695048440620728
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=QHb9Vw==, md5=ybGB0oStBky+yH8CV6yCwg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
71816
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:13 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame A9CB 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt3F515NWySdCufHuQzvGwCurc4k8wZ9f4n4UFGVjqmatDyz3eux5HpYtJrL3UpxALWGE_xCYuFBgECilGZTuVitQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Mon, 18 Sep 2023 14:47:20 GMT
server
UploadServer
etag
"9d483b0db38e960f5c12c6299791b325"
vary
Accept-Encoding
x-goog-generation
1695048440650389
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=AciE/g==, md5=nUg7DbOOlg9cEsYpl5GzJQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Thu, 21 Sep 2023 02:08:13 GMT
truncated
/ Frame 857E 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=e709866d-1d50-4091-82d2-990d50874eec&rando=14&pid=621cca388ba47d78a102e506&cid=62ce739af7dbc53bae7f0fe6&stagid=&stplid=&e=inventory&vi=0&cb=1695261493979
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
adv
grid.bidswitch.net/ 		60 B
361 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/adv?auid=381154&u=https%3A%2F%2Fextra.globo.com&r=1695261489&gdpr=1&gdpr_consent=&bf=1.9&cbb=5261494012
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.233.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-233-77.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Content-Type
text/xml; charset=UTF-8;
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
60
truncated
/ Frame C7EC 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gov.aniview.com/api/adserver/tag/1/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/1/?AV_URL=https%3A%2F%2Fextra.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=645c834590f2c48ad908f465&AV_CHANNELID=645c88ca4aa578f6460438d6&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=extra.globo.com&AV_DADPOS=1&AV_GPID=/645c834590f2c48ad908f465/645c88ca4aa578f6460438d6/extra.globo.com&d36=6.2.128&responsive=1&sver=4&avtoken=494033&omv=1.0.1&clsid=6e2edd4c-0416-471a-9181-22abb9936d9f&rando=14&AV_WIDTH=700&AV_HEIGHT=393&AV_DNT=0&cb=1695261494036&AV_C_USER_ID=1695261489337-948283613259-001244-004-000819&wfc=1
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.125.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-125-213.compute-1.amazonaws.com
Software
/
Resource Hash
9a3f99b7a6eaa51403bda5c318dca2120e979afd2dedeefa92605db151484bfe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://extra.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Sat, 09 Sep 2023 12:11:34 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=extra.globo.com&sn=&ic=0&tgt=1&app=&wi=700&he=393&test=1&d36=6.2.128&apppkg=&fv=1&proto=https&clsid=6e2edd4c-0416-471a-9181-22abb9936d9f&rando=14&pid=645c834590f2c48ad908f465&cid=645c88ca4aa578f6460438d6&stagid=&stplid=&e=inventory&vi=0&cb=1695261494035
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C2198792843705111947335412301%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
5691
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C19247057093705111947335412301%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
91081
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 6905 		67 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C1972846083705111947335412301%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261494002018-384
Expires
Thu, 21 Sep 2023 01:58:14 GMT
/
adx.adform.net/adx/ Frame 6905 		65 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://extra.globo.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=3&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C5100688873705111947335412301%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
58651
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		814 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C8947750693705111947335412301,,&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f30b7b62bb2fedf289dc1c285302131c3e773612d263facb983dc7e15b4c5d34

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
814
x-sticky-vk
1695261493784054-366
Expires
Thu, 21 Sep 2023 01:58:14 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		831 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C37051119473354123011257591123%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9e400b8ba4fc8b03ae96c0a1c30e09af2f2c62d5ff32a1c9d8ba1ce3b52d1bc5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
831
x-sticky-vk
1695261493986018-351
Expires
Thu, 21 Sep 2023 01:58:14 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b2ab75392588627422d12d5d0382c862a77d774c05f5cab4336b7c719500256f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
an-x-request-uuid
40489604-7efd-4758-9a28-3cbd43d89208
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://extra.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3285a3b42817917627f4d6f281c7ac6b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx
t
t.lkqd.net/ Frame 380B 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame F3CE 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=44977, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 21 Sep 2023 14:27:51 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=extra.globo.com&rs=extra.globo.com&sid=19977&t=1695261494&cip=195.206.105.131&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=645c834590f2c48ad908f465&test=1&d64=2469589ad9c3caddd562a685cf3abfaa&d63=2469589ad9c3caddd562a685cf3abfaa&aafaid=&proto=https&uid=1695261489337-915231903259-001236-006-006080&cha=0.7&stagid=&stplid=&d35=&d36=6.2.128&cb=24051267862&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=700&AV_HEIGHT=393&&ppid=645c834590f2c48ad908f465&nid=6444c646246df090c706ac34&pcid=645c88ca4aa578f6460438d6&ncid=645202884516c67aea037c56&pasid=645c88ca4aa578f6460438d5&e=request&cb=1695261494288&asid=64e619848ff08d1b280360ac&ofpr=&fpo=&ri=1
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame F3CE 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1695261494316
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:14 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=47538, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Thu, 21 Sep 2023 15:10:32 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261494184037-350
Expires
Thu, 21 Sep 2023 01:58:14 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame F3CE 		301 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1695261494377000-348
Expires
Thu, 21 Sep 2023 01:58:14 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame F3CE 		67 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C59871%2C1%2C8947750693705111947335412301%2C%2C&_fw_gdpr_consent=&vav=5222e399468bf0347350238623d01597&vaviv=b3eee9467748ae7e94fcef4e0ccd4e49&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261494282014-430
Expires
Thu, 21 Sep 2023 01:58:14 GMT
postback
s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/ Frame 2B67 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.indexww.com/2/2.104.0/974276/AkJekfYMEPKRY4dv/postback?ap=&bt=programmatic&cb=306033568693174406&de=2&dm=728x90&gt=CH&md=1&pp=187924&to=3&pi=26031911&ti=1&ui=ZQujKutf4JN9V-XEBbC8xQAA&ci=974276&ac=4443522&cr=26031911&di=extra.globo.com&pv=69d02f4a-d031-4176-9856-493aafac93e4&pc=37681&si=295013&sr=indexexchange.com&sid=AkJekfYMEPKRY4dv&oz_sc=c1e9db5944cf3d08e0843a33&oz_df=1695261494388&oz_l=90&cv=3
Requested by
Host: s.update.indexww.com
URL: https://s.update.indexww.com/2/2.104.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 21 Sep 2023 01:58:14 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
t
t.lkqd.net/ Frame 380B 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261494393011-424
Expires
Thu, 21 Sep 2023 01:58:14 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3BEQ8KW6YJF88ZQS2PKX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261494289029-338
Expires
Thu, 21 Sep 2023 01:58:14 GMT
soundOff.svg
creatives.seedtag.com/assets/ Frame D32B 		551 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.seedtag.com/assets/soundOff.svg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99798d0fd2a85d5934a88779366fe4826d6b830ecd0b00c24d6b456961c49cd8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1623851893
age
240
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:22:44 GMT
server
cloudflare
etag
W/"5214793385d32569fb98144157d5ef21"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
809eb3b4495b01df-ZRH
expires
Thu, 21 Sep 2023 01:54:13 GMT
xtoclose.svg
creatives.seedtag.com/assets/ Frame D32B 		684 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.seedtag.com/assets/xtoclose.svg
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.80.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eba879eb0741766c6b53c1b2a7933f67e6de03943191056ef0b449123029cad

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
x-goog-meta-goog-reserved-file-mtime
1623851893
age
259
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 15:22:44 GMT
server
cloudflare
etag
W/"a84ec19cfcfa6eebec3c95a2840d5fc5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
809eb3b4495d01df-ZRH
expires
Thu, 21 Sep 2023 01:53:54 GMT
truncated
/ Frame 2A12 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame C523 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=44977, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Thu, 21 Sep 2023 14:27:51 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame C523 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1695261494525
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 01:58:14 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=47538, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Thu, 21 Sep 2023 15:10:32 GMT
auto-user-sync
ads.stickyadstv.com/ Frame C523 		0
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261494138081-386
Expires
Thu, 21 Sep 2023 01:58:14 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame C523 		301 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1695261494300046-383
Expires
Thu, 21 Sep 2023 01:58:14 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame C523 		67 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=&schain=1.0%2C1!vidoomy.com%2C59871%2C1%2C37051119473354123011257591123%2C%2C&_fw_gdpr_consent=&vav=c16d7f694513c397e4ec6394de2a88cc&vaviv=0bdaf7711afbc83c0920e6eb324ec592&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1695261494313054-393
Expires
Thu, 21 Sep 2023 01:58:14 GMT
t
t.lkqd.net/ Frame 380B 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx
user-matching
ads.stickyadstv.com/ Frame C523 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
nnCoection
close
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MWFhMDEyYTJiZWY1MWM0MTI1OTNmN2Y5NjRlMzVi&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Access-Control-Allow-Credentials
true
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261494479036-421
Expires
Thu, 21 Sep 2023 01:58:14 GMT
user-matching
ads.stickyadstv.com/ Frame C523 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GH52RRJDGS8FKE41FDMC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=1aa012a2bef51c412593f7f964e35b&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1695261494353066-380
Expires
Thu, 21 Sep 2023 01:58:14 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:14 GMT
server
nginx
t
t.lkqd.net/ Frame 380B 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
track1.aniview.com/ Frame 1FBD 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=extra.globo.com&rs=extra.globo.com&sid=44966&t=1695261489&cip=195.206.105.131&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=49a5eaa5af81d83e236dc2494a91bae0&d63=49a5eaa5af81d83e236dc2494a91bae0&aafaid=&proto=https&uid=1695261489337-948283613259-001244-004-000819&cha=0.7&stagid=&stplid=&d35=&d36=6.2.128&cb=33751028565&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&d65=IntentIQ&AV_WIDTH=700&AV_HEIGHT=393
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame 09BE 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=extra.globo.com&rs=extra.globo.com&sid=45787&t=1695261489&cip=195.206.105.131&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=9c34829fa4a1574eff4c6a5280b29562&d63=9c34829fa4a1574eff4c6a5280b29562&aafaid=&proto=https&uid=1695261489337-915231903259-001236-006-006080&cha=0.7&stagid=&stplid=&d35=&d36=6.2.128&cb=76489011847&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&d65=IntentIQ&AV_WIDTH=700&AV_HEIGHT=393
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame C1A4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
69742
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 21 Sep 2023 01:58:14 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 385742
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230131-FRA
X-Timer
S1695261495.763814,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0631 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161335
Requested by
Host: extra.globo.com
URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://extra.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=132152
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 21 Sep 2023 01:58:14 GMT
expires
Fri, 22 Sep 2023 14:40:46 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame C1A4 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:14 GMT
an-x-request-uuid
703745b6-6749-4ee4-8c8d-05b2e241bd62
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ad
v.lkqd.net/ Frame B7AB 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=18504535&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
802601fc9bc4892a6292c2ce2071d44cb836650267632e4c937109e2c1481ade

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:15 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1514
vpaid.js
ad.lkqd.net/vpaid/ Frame 2723 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 01:58:15 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1695261495.cds215.fr8.hn,1695261495.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 4DC5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 21 Sep 2023 01:58:15 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1695261495.cds215.fr8.hn,1695261495.cds226.fr8.c
ad
v.lkqd.net/ Frame 2723 		31 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=18504535&m=&rtv=1&thost=extra.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6a07a0633d5d50cfbb4115eaa5678c55b3a1692138337484e66d25b6191cd883

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Sep 2023 01:58:15 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://extra.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
3453
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135547&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c4=true&c5=&c6=59871&rnd=18504535&m=&rtv=1&thost=extra.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 21 Sep 2023 01:58:15 GMT
server
nginx
t
t.lkqd.net/ Frame 7E2E 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://extra.globo.com
date
Thu, 21 Sep 2023 01:58:15 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame C1A4 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Sep 2023 01:58:15 GMT
an-x-request-uuid
b840c373-af2c-4a1b-b3e5-ae9ff2db9097
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
195.206.105.131; 195.206.105.131; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://extra.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://extra.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 21 Sep 2023 01:58:15 GMT
server
nginx
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22application/javascript%22,%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C181658860038808693272038215%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:16 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
58687
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 6905 		28 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473006&zone_id=2804594&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=%22video/3gpp%22,%22video/mp4%22,%22video/webm%22,%22video/x-flv%22&p_aso.video.playbackmethod=3&rp_schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C164106314038808693272038215%2C%2C&gdpr=&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.149.186 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-149-186.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
date
Thu, 21 Sep 2023 01:58:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://extra.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
x-http2-stream-id
91121
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		812 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C88026957938808693272038215,,&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fbf8ac9cfd41debac16758b4cffa5b3c3bc9d096e441cca0d882f992dbbecc62

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:15 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
812
x-sticky-vk
1695261495730047-389
Expires
Thu, 21 Sep 2023 01:58:15 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame 6905 		828 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C38808693272038215917127465%2C%2C&_fw_gdpr=&_fw_gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.217 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-217.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8101e664e1f145bacee35b3062d9178af299a72f6cb25f5f8a061ae909662367

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://extra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 21 Sep 2023 01:58:15 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://extra.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
828
x-sticky-vk
1695261495577047-335
Expires
Thu, 21 Sep 2023 01:58:15 GMT
track
track1.aniview.com/ Frame ADC0 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=extra.globo.com&rs=extra.globo.com&sid=45787&t=1695261489&cip=195.206.105.131&sn=&tgt=1&osv=10&bv=89.0&brn=Chrome&wi=700&he=393&app=&AV_PUBLISHERID=621cca388ba47d78a102e506&test=&d64=9c34829fa4a1574eff4c6a5280b29562&d63=9c34829fa4a1574eff4c6a5280b29562&aafaid=&proto=https&uid=1695261489337-915231903259-001236-006-006080&cha=0.7&stagid=&stplid=&d35=&d36=6.2.128&cb=76489011847&d39=&d65=&d66=&d74=&d56=&apppkg=&d9=1000&d37=realtime&d65=IntentIQ&AV_WIDTH=700&AV_HEIGHT=393
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.88.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-88-143.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://extra.globo.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 21 Sep 2023 01:58:15 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
t
t.lkqd.net/ Frame 		0
0
t
t.lkqd.net/ Frame 7E2E 		0
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 3C9A 		0
0
t
t.lkqd.net/ Frame 7E2E 		0
0
t
t.lkqd.net/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id.qa.globoi.com
URL
https://id.qa.globoi.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=extra-comentarios%40globoid-connect&redirect_uri=https%3A%2F%2Fextra.qa.globoi.com%2Flogin-callback.ghtml&state=51643c06-6f0f-45eb-9b0d-18430b471853&response_mode=fragment&response_type=code&scope=openid&nonce=6be8fd61-2b78-4afb-a96c-131ad94f24f5&prompt=none&code_challenge=QdCxM1WZVHSMm0_6iAaJ2OFi6ShsfBtmEYvvBUBjUxI&code_challenge_method=S256
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=249286
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEMPBbo65wziMz2tNt3DDWBk&google_cver=1&google_push=AXcoOmStIeglmESvK2RJHBQd7lOQV7MmtbdYocTH4Hq9_SH9_BcuFh8baF20JoZmycceaoQwC-yTOFUeaEXElWCoCtapUux0V6g69gA
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
cdn.stickyadstv.com
URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
t.lkqd.net
URL
https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

471 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| documentPictureInPicture object| cdaaas object| HorizonClient object| utag_data function| globalWebdeps object| glb object| settings function| executeParallelAuctionAlongsidePrebid object| apstag object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| _aps boolean| apstagLOADED object| apscustom object| header_data_globoid object| header_data_login_area_container object| oidcSettings string| gcomBarUseCustomUrl string| gcomBarcustomUrl string| gcomBarcustomUrlTitle string| gcomBarcustomUrlTitleColor object| SETTINGS object| bstn boolean| BASTIAN_UBER_HEADLINE object| BASTIAN_INFO object| ScrollSpy object| globoPage object| regeneratorRuntime object| localStorageCache function| stringStartsWith function| isArray function| extendObjs object| ajaxCache object| tinyBasket object| manageElementClasses object| viewportSize number| myInnerWidth number| myInnerHeight function| fnSpriteSvgSuccess function| setImmediate function| clearImmediate object| WM function| comScore object| ns_p object| googletag object| pbjs function| bannerLazyLoading function| disableLazyLoad function| enableLazyLoad boolean| libPubReady function| $ function| jQuery object| pbjsChunk object| _pbjsGlobals object| ggeac object| google_tag_data object| google_js_reporting_queue object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm object| loadTimes function| convertRecAb object| horizonResources function| HorizonSendEvent function| HorizonSchedulePageLoadEvent object| editoraGloboAuthenticationLib object| __SENTRY__ function| _ object| commentsEl undefined| google_measure_js_timing number| google_unique_id object| gaGlobal function| Bastian object| Criteo object| dataLayer object| _gaq object| jQuery183042330716028173 object| tv4 object| __uid2SecureSignalProvider object| __uid2 object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo_identitytag_141 object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| google_tag_manager undefined| arrayGloboId object| GlobalIvcNamespace function| ivc object| bVejaMais undefined| observer undefined| config function| e function| t object| marfeel object| n object| d object| _taboola boolean| isMobile number| tempo boolean| fixed object| publicidadeFixa function| renderBanner function| insertPubInText object| MAP_POSITIONS function| renderPositions function| insertPubInImage function| insertPubFloating object| COMMON_POSITIONS function| GloboAB function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn object| cq object| globoAB function| getCookie function| hasCookie function| removeOldVersionsFromStorage function| insertUserDataOnDataLayer function| insertUserDataOnStorage function| getGloboIdFromCookie function| getUserDataFromLocalStorage function| getUserDataFromUsergate function| finishEvent object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRC object| TRCImpl undefined| __startEngine boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp object| Snowplow object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass string| HORIZON_RECOMMENDATION function| insertHorizonRecommendation function| notifyHorizonRecommendation boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| _seedtagq function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc object| permutive object| apntag object| __permutive function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| hi object| _pm_mcg object| image object| webpackJsonp1695223139981 boolean| _st_loaded object| webpackChunk_marfeel_compass_multimedia_sdk function| requestAnimationFrame1 function| cancelAnimationFrame1 boolean| _seedtagLoaded object| _seedtag number| taboola_view_id function| onYouTubeIframeAPIReady object| libAnalytics string| GoogleAnalyticsObject function| ga boolean| libAnalyticsReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gaplugins object| gaData string| nam object| placementData object| lkqd object| TTTagManager function| TTTagManagerError object| _ttq_tt_seedtag object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| cmTag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| hadron boolean| __halo_loaded__ object| au object| _cm_wfCounters object| WP3 function| Zepto object| WM_PLAYER_VIDEO_TAG_TEST_AUDIO object| WM_PLAYER_VIDEO_TAG_TEST_MUTE object| Clappr object| vttjs function| WebVTT object| commonSignals function| commonTracker function| sendCommonHit number| lnt_z function| startCMTagMain object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer string| lastWfUrl object| storageAni string| _seedtagTemplateInstrumentation

281 Cookies

Domain/Path Name / Value
extra.globo.com/economia/noticia/2023/08 Name: _gada_ses.f514
Value: *
extra.globo.com/economia/noticia/2023/08 Name: _gada_id.f514
Value: 7debafae-a782-412d-be64-e57f45fbe4bb.1695261482.1.1695261482.1695261482.24a9d1a9-5bfa-4c88-ba76-4ba3ad458c37
extra.globo.com/economia/noticia/2023/08 Name: privAu
Value: 0
cutt.ly/ Name: PHPSESSID
Value: 2ob2t4aucfcuu4744bnklec43v
.scorecardresearch.com/ Name: UID
Value: 1612efb0ed8b4b4bfe76a231695261480
extra.globo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.globo.com/ Name: pbjs_sharedId
Value: 4f01de84-66d9-426b-9900-d772231794c9
.globo.com/ Name: lotame_domain_check
Value: globo.com
.adnxs.com/ Name: uuid2
Value: 7078119663561859382
.criteo.com/ Name: uid
Value: fd1540b8-b87f-4db7-97aa-8cee8f365d63
.openx.net/ Name: i
Value: 71d4c017-d118-4f51-b4d4-768b9a48c59c|1695261481
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 398586=5637718
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pid
Value: 906539967438444046
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0&c=1&l=635210033&lo=90626159&lt=638308582816882169&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1500031714%3B%24ql%3DUnknown%3B%24qt%3D73_0_0t%3B%24dma%3D0
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 686e9f91dffaf4c2e5263c4958081b60
.rubiconproject.com/ Name: khaos
Value: LMSIWYU5-1Y-417D
.amazon-adsystem.com/ Name: ad-id
Value: A326x4C_0EntnzKJFdmnPHY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.globo.com/ Name: _cc_id
Value: 686e9f91dffaf4c2e5263c4958081b60
.globo.com/ Name: panoramaId_expiry
Value: 1695866281786
.globo.com/ Name: panoramaId
Value: df66b851409d31eff92d3271f26816d5393820c4dbb7241cdff1ecc80f3cab91
.globo.com/ Name: panoramaIdType
Value: panoIndiv
.globo.com/ Name: _hzt.interval
Value: 20000
.globo.com/ Name: kppid
Value: 133239250106269917538
.globo.com/ Name: hsid
Value: 0c3b182c-7b9a-447a-b6a6-1c67ff130bbc
.globo.com/ Name: GLBEXP
Value: YbVymsIvov7L1yrnsOxYqkcp97xUxfEDbqcuIgt45vY=
.doubleclick.net/ Name: IDE
Value: AHWqTUnIamf8DRZBUu-fvrZAyU5PTb6kBOdlqLCtS4G8U9JOWZZHb4JPT3CQCLU-G4M
.globo.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1695261482%2C%22currentVisitStarted%22%3A1695261482%2C%22sessionId%22%3A%22a1f0c679-9c5b-4f66-b490-53e7273c0c92%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml%22%2C%22referrer%22%3A%22%22%7D
.globo.com/ Name: compass_uid
Value: c80f5fcf-750b-44b8-9ee9-a7b8bbe7dd77
.globo.com/ Name: cto_bundle
Value: syOsol8lMkJ3WWFibXNZNWl4Z0F4QjRxUXd1b24zYVBsOGpRcSUyQiUyRlVhdUFRTDBabUJ2SmpEc2V6RWR5Zlhrb0hzTzNzTzhwazNuM1ZlalVVTmlCNzFjQzlxeE5vR01QaTZZVjIwZHFXZXR2Z2I1UEIlMkZXRm54cXhwMmNFWVRnNFd5enVSJTJCem10N2NOMTJWQ1QlMkJOVVdEd3UzNmlQcXclM0QlM0Q
.globo.com/ Name: __gads
Value: ID=867e77098217fd78:T=1695261481:RT=1695261481:S=ALNI_MYboeAK46eKE6jwLJo4SO1URg1eaQ
.globo.com/ Name: __gpi
Value: UID=00000c7aeaec8c1a:T=1695261481:RT=1695261481:S=ALNI_MYKaynU0yBeZp5JWKYhR9g3qxAk9w
events.newsroom.bi/ Name: 1464_u
Value: c80f5fcf-750b-44b8-9ee9-a7b8bbe7dd77
events.newsroom.bi/ Name: 1464_s
Value: a1f0c679-9c5b-4f66-b490-53e7273c0c92
events.newsroom.bi/ Name: 1464_lv
Value: null
events.newsroom.bi/ Name: 1464_ut
Value: 0
.smaato.net/ Name: SCM
Value: 20e766a60e
.smaato.net/ Name: SCMaps
Value: 20e766a60e
.csync.loopme.me/ Name: viewer_token
Value: 40865a8c-397a-4ab6-86b1-61a24f3778ff
.casalemedia.com/ Name: CMID
Value: ZQujKutf4JN9V-XEBbC8xQAA
.casalemedia.com/ Name: CMPS
Value: 5191
.casalemedia.com/ Name: CMPRO
Value: 5191
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33
.adform.net/ Name: uid
Value: 1945593063401236011
.brand-display.com/ Name: _knxq_
Value: b590bebf-a1ea-6c2c-0015c7ad.1695261483.0.1695261483.1695261483
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQujKwAR9Vc2rQAb
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927
.smaato.net/ Name: SCMie
Value: 20e766a60e
.lijit.com/ Name: ljt_reader
Value: HWxWpGZH8JLneMwdQJ2j3lGK
.globo.com/ Name: glb_uid
Value: "rJJWfBythrbNyUi8ulMo2sWK29syIkbSUOtTynv4imU="
cocoon.globo.com/ Name: GCLB
Value: "c27cf918265eef31"
.quantserve.com/ Name: mc
Value: 650ba32b-a03a1-5cab1-68728
.3lift.com/ Name: tluid
Value: 3924388147102839183918
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22717C223B-D2A7-452D-1761-BE345F50F875%22%7D
.acuityplatform.com/ Name: auid
Value: 830157082853
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRS0uVhSOmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUtLlYUjo90aGlyZFBhcnR5VXNlcklkWkNBRVNFSm1hamc1QW42bzdtN1QwTGJGek12Sfv7hnZlcnNpb27C+w=="
.zemanta.com/ Name: zuid
Value: QFxydsN5lPe_QrjASGNT
.weborama.fr/ Name: AFFICHE_W
Value: wOIZsvQ8V0jA12
.de17a.com/ Name: guid
Value: 1.2847261290142645612
.teads.tv/ Name: tt_viewer
Value: db9a1f97-3a89-4d1a-a919-a2c13c0f55ce
.simpli.fi/ Name: suid
Value: 2EFA5667346448F8AB63B285A5ABB642
.bidswitch.net/ Name: tuuid
Value: 288a0a7b-baec-457a-b3a8-f6f3afd79784
.bidswitch.net/ Name: c
Value: 1695261483
.bidswitch.net/ Name: tuuid_lu
Value: 1695261483
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1945593063401236011&KRTB&23263-1945593063401236011&KRTB&23481-1945593063401236011
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJn7wKdst5utB-0ZCY8Qby8&KRTB&23025-CAESEJn7wKdst5utB-0ZCY8Qby8&KRTB&23386-CAESEJn7wKdst5utB-0ZCY8Qby8
.globo.com/ Name: permutive-id
Value: f841ea74-0c76-473f-b9e8-f09d818e4170
.yahoo.com/ Name: A3
Value: d=AQABBCyjC2UCEHYHIQ9An2BpmhZSeAf7b9UFEgEBAQH0DGUVZQAAAAAA_eMAAA&S=AQAAAn8xDwAmg6qk-jamG1ARYtU
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/ Name: pxid
Value: 4dc61c1b-d486-444c-a1d1-9b617b404af3
.audrte.com/ Name: arcki2
Value: 1cf4YbirxeaRD6ManHPfElY6g!20220908!1695261484074!ip#195.206.105.131
.audrte.com/ Name: arcki2_pubmatic
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33!20220908!1695261484078
.youtube.com/ Name: YSC
Value: Rkz1YqPnh8c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: MN-EF2hnm8Y
.lkqd.net/ Name: lkqdidts
Value: 1695261484
.seedtag.com/ Name: st_uid
Value: fb8f72d8-41c4-48aa-acfd-1b1ebc0bb3df
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVN3aXR6ZXJsYW5kJmNvdW50cnlfaXNvMj1DSCZjb3VudHJ5X2lzbzM9Q0hFJnJlZ2lvbl9uYW1lPVp1cmljaCZyZWdpb25faXNvMj1aSCZjaXR5X25hbWU9WnVyaWNoJmxvbmdpdHVkZT04LjQzNjMmbGF0aXR1ZGU9NDcuNDA0NCZ6aXA9ODAxMA==
s.seedtag.com/ Name: gv
Value: -
.linkedin.com/ Name: bcookie
Value: "v=2&9438d55a-6a56-44c4-8c02-66c776644358"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTUyNjE0ODQ7MjswMjG0umzltHiWjfF2WRDgk57YsOeBSwuvH3cTx4qcaEudew==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2838:u=1:x=1:i=1695261484:t=1695347884:v=2:sig=AQE6UJJEJVTVl0bvH5240vWv0joJWRCH"
ads.resetsrv.com/ Name: ckbk
Value: 000001116690D1D8
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjI4OGEwYTdiLWJhZWMtNDU3YS1iM2E4LWY2ZjNhZmQ3OTc4NCIsImV4cGlyZXMiOjE2OTc4NTM0ODR9fX0=
.lkqd.net/ Name: sr103
Value: 1||1695261484
.lkqd.net/ Name: lkqdid
Value: 7beYp_ofopg
.audrte.com/ Name: arcki2_ddp2
Value: 1cf4YbirxeaRD6ManHPfElY6g!20220908!1695261484310
.turn.com/ Name: uid
Value: 3738334591507536300
.lkqd.net/ Name: sr54
Value: 1|40865a8c-397a-4ab6-86b1-61a24f3778ff|1695261484
.globo.com/ Name: _gid
Value: GA1.2.617622873.1695261484
.globo.com/ Name: _gat_UA-50597390-10
Value: 1
extra.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D53c13de5-6794-4b36-8379-b3f7585ff31e-tuctc0528ac
.lkqd.net/ Name: sr94
Value: 1|3738334591507536300|1695261484
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d52e9d16-d4d2-5779-4656-76ce448f9be7.Qbv%2Fxsns17MJFnWkF8VelS1IZTiWDIV4F9eI7NbqT1Q
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d52e9d16-d4d2-5779-4656-76ce448f9be7.Qbv%2Fxsns17MJFnWkF8VelS1IZTiWDIV4F9eI7NbqT1Q
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1S6dFtTSV3lGVnbORI-b58POaYM.wr1dwdUzyKayaNjnayaNJG0TaKuz3IEFJGppMgWz0G4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A1S6dFtTSV3lGVnbORI-b58POaYM.wr1dwdUzyKayaNjnayaNJG0TaKuz3IEFJGppMgWz0G4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFw81Y6zjAHx1IMXgvkq8n88n2qC4xUNfUPhpLpgFrVhEHwYBCCsxq6oBjABOgTwi70wQgRAhGca.vWtAcvgMpL1yHTPzK8DLYaJmRxCSNu48YRmyku6r5C4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFw81Y6zjAHx1IMXgvkq8n88n2qC4xUNfUPhpLpgFrVhEHwYBCCsxq6oBjABOgTwi70wQgRAhGca.vWtAcvgMpL1yHTPzK8DLYaJmRxCSNu48YRmyku6r5C4
.krushmedia.com/ Name: krm_r
Value: 57
.krushmedia.com/ Name: krm_usr
Value: 0401c18a-cee0-41dd-9bf6-05f3942e0e3f
.clientgear.com/ Name: mkuuid
Value: mkbeaac44ccc2949dba272d57345ae292c
.omnitagjs.com/ Name: ayl_visitor
Value: 221f3a70f2afdba78a0e8490c80ce750
.richaudience.com/ Name: pdid
Value: 2d543cf9-d417-4db4-8b61-1zz1695261405
.creativecdn.com/ Name: u
Value: yUyoNLW9ZHw7nDJpwtS0
.creativecdn.com/ Name: ts
Value: 1695261484
.contextweb.com/ Name: V
Value: lIBltm0HGXpD
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 3ea4bd354e675900
.adx.opera.com/ Name: UID
Value: OPUdd1964431d80457ca9ca37e876c7cc5e
.360yield.com/ Name: tuuid
Value: 1b6e2241-4b10-4959-afd1-1387c727541d
.360yield.com/ Name: tuuid_lu
Value: 1695261484
.audrte.com/ Name: arcki2_adform
Value: 1945593063401236011!20220908!1695261484898
.globo.com/ Name: _ga_WE4K4RF1F3
Value: GS1.1.1695261484.1.0.1695261484.0.0.0
.globo.com/ Name: _ga
Value: GA1.1.156638556.1695261481
.lkqd.net/ Name: sr93
Value: 1|1S6dFtTSV3lGVnbORI-b58POaYM|1695261484
.lkqd.net/ Name: sr102
Value: 1|0401c18a-cee0-41dd-9bf6-05f3942e0e3f|1695261485
.openx.net/ Name: pd
Value: v2|1695261482.3|iyvQvNgun0.j8gqwksLmOge
.advertising.com/ Name: A3
Value: d=AQABBC2jC2UCECNHUiTP6WPRwt_XTDCwWtQFEgEBAQH0DGUVZbtj0CMA_eMAAA&S=AQAAAhDqIC41okV3MK4oe2LsoWw
.admixer.net/ Name: am-uid
Value: f8d883f0dc734b80a814cfefc7c2f949
.richaudience.com/ Name: avcid-opx-uid
Value: 40d5b6a4-20a1-47d0-b53f-3358d328952b
.richaudience.com/ Name: avcid-apn-uid
Value: 7078119663561859382
.richaudience.com/ Name: avcid-sma-uid
Value: 906539967438444046
.adotmob.com/ Name: uid
Value: 0996220400452a0f2b180df2
.adotmob.com/ Name: uuid
Value: 0996220400452a0f2b180df2
.adotmob.com/ Name: partners
Value: AYL%3A1695261485257
.smilewanted.com/ Name: sw_user_params_infos
Value: 8sdRREvsw7LjLys0YvGw81qqxaMjXLcg1SmSOFCR52jI5a%2F0TcLo0FSmiVSyGyK0ej6n0g3tK8tGosZKJLKQ%2FvY3YiVBN6AlTcGPUOEBFasf24FVEzLjhgCokX8Hf%2FLaAS0ogEFr3sy3ahC%2FiqTp0Q%3D%3D
.globo.com/ Name: __qca
Value: P0-1955577917-1695261484814
.richaudience.com/ Name: avcid-aol-uid
Value: y-SLhXIzBE2uHri3u5PdujMrkBqbSEkQD.~A
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 3f6a4ce6-40ca-5208-86f3-3f62e3f89c4f
.betweendigital.com/ Name: ss
Value: 1
.postrelease.com/ Name: visitor
Value: 2cf14e59-dca8-44c4-b66a-d33e1f18866c
.postrelease.com/ Name: status
Value: 0
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjc0M7A0MrM0thDiM9SNCtD1SPf31E31sCwGAE6WqMUlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMjc0M7A0MrM0thDiM9SNCtD1SPf31E31sCwGAE6WqMUlAAAA
.adhaven.com/ Name: uid
Value: 4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0
.scoota.co/ Name: tuuid
Value: 7c2b990e-db94-446e-afab-8ba7a9b8bc8b
.scoota.co/ Name: c
Value: 1695261485
.scoota.co/ Name: tuuid_lu
Value: 1695261485
.betweendigital.com/ Name: ut
Value: ZQujLQAK1XB5zCcDx3i9cjaNAcVqfy5WpsaHUw==
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AAGosE7KF0YAABnKmyoZjw
.gumgum.com/ Name: vst
Value: e_a3263899-2fa2-49aa-a5bf-714969814fec
.lkqd.net/ Name: sr7
Value: 1||1695261485
.lkqd.net/ Name: sr22
Value: 1||1695261485
.lkqd.net/ Name: sr23
Value: 1||1695261485
.lkqd.net/ Name: sr25
Value: 1||1695261485
.lkqd.net/ Name: sr45
Value: 1||1695261485
.lkqd.net/ Name: sr55
Value: 1||1695261485
.lkqd.net/ Name: sr86
Value: 1||1695261485
pool.admedo.com/ Name: tuuid
Value: f5e96277-db67-4937-a9cb-f717eef9b894
pool.admedo.com/ Name: c
Value: 1695261486
pool.admedo.com/ Name: tuuid_lu
Value: 1695261486
.spotim.market/ Name: vmuid
Value: e30acaa57d00effe
.spotim.market/ Name: a644680
Value: 3924388147102839183918
.spotim.market/ Name: a482928
Value: 9ba67081-c100-434f-858e-7e767f3434ec
ads.smartstream.tv/ Name: DID
Value: e613c9023dc8ec0b0b69d93dad5b8930
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.smaato.net/ Name: SCMv
Value: 20e766a60e
.sitescout.com/ Name: ssi
Value: 87519deb-ea90-4498-a09d-ddd1ec568284#1695261486541
.pubmatic.com/ Name: DPSync3
Value: 1696464000%3A201_227_226_219_197_245_241_235
.sabio.us/ Name: sbid
Value: 5127801215003724970
cm.adsafety.net/ Name: UID
Value: CM12023092101e1581be49ec9a69fdd8
.adsafety.net/ Name: cm_uid
Value: CM12023092101e1581be49ec9a69fdd8
cm.adsafety.net/ Name: cache0
Value: L2UzeGVJMkNTL0pzMlRFUXR5b1cvc2VWMU9LQ1NKUHh4Z29DU3RtWkR4ZlBEUklDTWFOcnN1WTljQnJsNE95bDB4TUsrU0lLcGZoUlo2dmhORTA0cS92Z1lzYk5Rc3ViRXNvd3pUbWN6L2Mrd1I5b0VOQ1I1UnNlMGFzSCtNeWxOWlJlZnZBc3FGSzZhaytubU0zSHNHQTdmRTAwdXVFVXBuTkkyOUg1NDg5MHVKUXIzQ01EMTMxdHo2QW9wVEdhaDNNeitJc0Z1ajdoQmV5VnNKTTVVUHJvbCtOM1RQMjJqQlVsZ3NNazMvb3BHcnNLa0FlU3p5ZXFtNDRKcEVENVd2ai9BVlBzZGhYUFVNeUVTbDhkZ1JhVVlNcy9EVzBMM3NacHZoeFlLOHhISkhzVjYyOU5GQnJlN2dNOHVPYThvZmpZVlpuU3RQU0NFNEhpcDJ2RlZBPT0%3D
.lkqd.net/ Name: sr80
Value: 1|AAGosE7KF0YAABnKmyoZjw|1695261486
.lkqd.net/ Name: sr52
Value: 1|ZQujKwAR9Vc2rQAb|1695261486
.lkqd.net/ Name: sr76
Value: 1|3Z5VJoqYVybGylV3ippIcYjKB3XGnV1z2ZN7WgQO|1695261486
.lkqd.net/ Name: sr53
Value: 1|lIBltm0HGXpD|1695261486
.lkqd.net/ Name: sr59
Value: 1|CAESEAic8dZ9YEP0JFO2r8CuYpU|1695261486
.nrich.ai/ Name: _nauid
Value: 146eb683-11fe-4cf7-a15e-4d8d30df69fc
.lkqd.net/ Name: sr109
Value: 1|20e766a60e|1695261486
.lkqd.net/ Name: sr90
Value: 1|4c_ce3f21a1-f6ad-43e1-92a3-b091e8bbd8f0|1695261486
.lkqd.net/ Name: sr13
Value: 1|40865a8c-397a-4ab6-86b1-61a24f3778ff|1695261486
.lkqd.net/ Name: sr6
Value: 1|cuid_4cb4e547-5822-11ee-9fce-121a6d1d7927|1695261486
.lkqd.net/ Name: sr85
Value: 1|18072662085148528352|1695261486
.adnxs.com/ Name: anj
Value: dTM7k!M4/8D>6NRF']wIg2E?$pS(Ou!EKxF$ANgQ9sk@3@'s>Tg<cu*
.lkqd.net/ Name: sr39
Value: 1|5127801215003724970|1695261486
.quantserve.com/ Name: d
Value: EBwBKAGAKoEO-TCJiTDsroEInYEJuowQ
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5NTI2MTQ4NzAyNywiMzkiOjE2OTUyNjE0ODY4MDksIjciOjE2OTUyNjE0ODY4MDksIjc1IjoxNjk1MjYxNDg2ODA5fQ
.spotim.market/ Name: a448580
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7078119663561859382&KRTB&23339-7078119663561859382
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-FXzjIUJ64SEOKONwQnj-dkAosXIOf-t0EXFSCPSw&KRTB&19420-FXzjIUJ64SEOKONwQnj-dkAosXIOf-t0EXFSCPSw&KRTB&22979-FXzjIUJ64SEOKONwQnj-dkAosXIOf-t0EXFSCPSw&KRTB&23403-FXzjIUJ64SEOKONwQnj-dkAosXIOf-t0EXFSCPSw
.outbrain.com/ Name: obuid
Value: 25ec1891-130e-4653-a987-ef7c37ace3d7
.adfarm1.adition.com/ Name: UserID1
Value: 7281092644835424410
.lkqd.net/ Name: sr12
Value: 1|288a0a7b-baec-457a-b3a8-f6f3afd79784|1695261487
.onaudience.com/ Name: cookie
Value: c8146b70f3b088f8
.onaudience.com/ Name: done_redirects104
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003%22%7D
.ipredictive.com/ Name: cu
Value: 6a08188d-82e7-47da-8966-e52a9fad3bf9|1695261487126
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23334-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23417-1S6dFtTSV3lGVnbORI-b58POaYM&KRTB&23426-1S6dFtTSV3lGVnbORI-b58POaYM
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7281092644835424410&KRTB&23369-7281092644835424410
.zeotap.com/ Name: zc
Value: d073b50d-2f10-4564-44f3-6a42912ee23a
ads.playground.xyz/ Name: connect.sid
Value: s%3Az1FK87mxgW6hZT0PSesd-1lPOBP2eN_D.qgnnjtKBQqBcQWIiIZNDiRvcxpKCg%2FsrwgqsM4nIAv0
.semasio.net/ Name: SEUNCY
Value: A3549B887EF6186B
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUdd1964431d80457ca9ca37e876c7cc5e&KRTB&23485-OPUdd1964431d80457ca9ca37e876c7cc5e&KRTB&23524-OPUdd1964431d80457ca9ca37e876c7cc5e
.admanmedia.com/ Name: ac_r
Value: CS71
.adsby.bidtheatre.com/ Name: __kuid
Value: 6ae53944-2414-41d7-b3ff-cb5dff7b15ae.464475487
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348&KRTB&23418-87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348
.tapad.com/ Name: TapAd_TS
Value: 1695261487490
.tapad.com/ Name: TapAd_DID
Value: a3d6a2a9-3a56-4dd5-a718-03e3684b69fa
.admanmedia.com/ Name: admtr
Value: e52f791e-e6c7-4c00-a345-1c6e3772b0cd
.bumlam.com/ Name: suuid3
Value: IiQ0ZjI5ODczNi01ODIyLTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.globo.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1695261482%2C%22userId%22%3A%22c80f5fcf-750b-44b8-9ee9-a7b8bbe7dd77%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1695261482%2C%22timesVisited%22%3A1%2C%22userType%22%3A0%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3738334591507536300&KRTB&23150-3738334591507536300
.lkqd.net/ Name: sr43
Value: 1|288a0a7b-baec-457a-b3a8-f6f3afd79784|1695261487
.spotim.market/ Name: a708476
Value: RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGosE7KF0YAABnKmyoZjw
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAIVRMx2uWJxwNEv3n8AAAAAAA&KRTB&22713-AAAIVRMx2uWJxwNEv3n8AAAAAAA&KRTB&22715-AAAIVRMx2uWJxwNEv3n8AAAAAAA&KRTB&23519-AAAIVRMx2uWJxwNEv3n8AAAAAAA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.onaudience.com/ Name: done_redirects147
Value: 1
.smartadserver.com/ Name: csync
Value: 76:CAESEKpZPx616xU6wbafGddqmXA|80:Lir5Nnks-zY1fvlneS7kYXt-q2U1KfFjKidiOtNp|127:AAGosE7KF0YAABnKmyoZjw|139:0
.analytics.yahoo.com/ Name: IDSYNC
Value: "192z~2e1d:18vu~2e1d:18z8~2e1d:175w~2e1d"
.dotomi.com/ Name: DotomiTest
Value: 6e18aba38f611774
.socdm.com/ Name: SOC
Value: ZQujL8Co8XkAAGUZh3AAAAAA
.lkqd.net/ Name: sr46
Value: 1|288a0a7b-baec-457a-b3a8-f6f3afd79784|1695261487
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-288a0a7b-baec-457a-b3a8-f6f3afd79784
.lkqd.net/ Name: sr97
Value: 1|87519deb-ea90-4498-a09d-ddd1ec568284-650ba32e-4348|1695261487
.pubmatic.com/ Name: SyncRTB3
Value: 1695859200%3A2_15_223%7C1696118400%3A63%7C1696550400%3A35%7C1696464000%3A3_220_243_22_54_161_88_204_55_254_21_99_251_13_264_81_71_214_56_8_46_238_249_166_233_165_234_176%7C1697846400%3A203%7C1700438400%3A69
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 8
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlqZGZoYmFhYmQOAPEwAjQQAAAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c4479bd1-9d2e-44e9-b2c2-88384286ff10-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%221508%22%7D
.seedtag.com/ Name: st_cs
Value: EM1X33WBkDFJbtd2vOtS42LWDlBxqg98BSzYGo0/knhV9aIAQAk8p3EqJJOvtP++FIVNqxKGN7axysSeZf4Fc3oJk0MrGyoMhFg110SmAKpnQ/D4eXzxc9T2K4KftDaX0NECkg+t3ZcJko9m8/MmClVGwO0WHiRkQMLEv4vU640RTfY9iJeYGODxtnDKqfrsBwGXM1CpB4Q/JNtxg8onXy3ktiNBKRCFpNJ+aHDje7hgMjIdm1eMaQWy7o3ZYFV/u83CzA22xdGWdf5SaIfChrEqK4ImTw7AeKs5fqa+9YcG6Hiam8VoM63MZPCnFvfuVJgiszHuShbhxHF92RoCMU/o7RfFBvnKHvwRxZG8k90Zyy/6opZ/BBXW9dq4OzncZO+dbBSdEU6ZWx9dbduGOFeW6spEq+ZlmcCR9LzbcuFlngNoq7UXn+rfJbkexl3C/0IfPG2XzqP8EeJmwHy+myoYoGtWEgfnPGfeTAAsiQPpPOGGnpEhVgLl7JxLTPFr6WdWc8SlQwgg+ac1fY7MxpRbM3zEHM8o2LEf3Yvb/HwHMOnZ8TDSUMizCl0GWrI985SnJr/zqeBIL5+apJYs8N/hCqDVLI7AubWUuPjpvfZWAzANt0/7DG3ARY5I6RspxO1L8MLtNUe3G3OBV6pbxEco8wO/wGLeJrPGbc3yW0shdfAEuk0wS0PAgjPhKLjved2ZsVZVWFhgq+RkmR/h4KKegRpo6ZlswNm/HRCjlZQw/Z9aIwrKU5BAjel+Q1ZW
.ctnsnet.com/ Name: cid_4643293b4a614ee59dfcf5bdc7abbedb
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5141210827160926938
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2847261290142645612
.tribalfusion.com/ Name: ANON_ID
Value: acnyfbr2PKdFuYnRXpnA8LsKokf5nGqd6IP8H44ZdZdvZck8Dc2BfLUpi70lAZa0e2a3qIaEEcZbDL4T8FT8DauhH0BcIZdrV171CHGH5neuGvg1oYZc5rT3lFdBBPuaYWiH87jlBjBJ0UZdpA3hJ9ZbVQNBZb
.onaudience.com/ Name: done_redirects200
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23413-B499B7AD-7917-48EE-AC2C-59DD92D48E33&KRTB&23505-B499B7AD-7917-48EE-AC2C-59DD92D48E33
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1695283088661
.richaudience.com/ Name: avcid-pmr-uid
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33
.richaudience.com/ Name: avcid-pmt-uid
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-F1rNcAsvjSbWUhTaMYhaSSMS
.gammaplatform.com/ Name: _aGeoIp
Value: BE|Mons
.gammaplatform.com/ Name: _aUID
Value: 9d5vj50j2vr6
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-9d5vj50j2vr6&KRTB&23465-9d5vj50j2vr6
.pubmatic.com/ Name: PugT
Value: 1695261488
.ads.stickyadstv.com/ Name: UID
Value: 1aa012a2bef51c412593f7f964e35b
.awin1.com/ Name: awpv11482
Value: 412871|1695261489|505627e0-5822-11ee-8c55-226543793aa5
.tryiqos.ch/ Name: emid
Value: 650ba331cbf86ed0b1d47063
.tryiqos.ch/ Name: trs
Value: 650ba331cbf86ed0b1d47064
.awin1.com/ Name: awpv18851
Value: 412871|1695261489|50619991-5822-11ee-b5a9-2261897cac57
.awin1.com/ Name: AWSESS
Value: 382783:2578904
www.conrad.ch/ Name: HTLP_timestamp
Value: 1695261489603
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: nVgr53Qy398ckgL_KjbWCOf6evtK21w8csPLLXxO.ws-1695261489-0-AVj2rFo8zplt6sLNj+O0VwcI3jbCpC0h5stBTB5YOIZrntwJbxWlhaRWmEAvZfO1Eo1p5vYcHKgBqinHvauWTDY=
.aniview.com/ Name: aniC
Value: 1695261489337-915231903259-001236-006-006080
.contextweb.com/ Name: ccpa
Value: 1---
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mz8|8jz.0.1|7bq.0.1|7dN.0.AAGosE7KF0YAABnKmyoZjw|8o4.0.1
.fwmrm.net/ Name: _uid
Value: uml1229_7282223796728647955
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.aniview.com/ Name: 1_C_9
Value: 1aa012a2bef51c412593f7f964e35b
sync.aniview.com/ Name: 1_C_9
Value: 1aa012a2bef51c412593f7f964e35b
.aniview.com/ Name: 1_C_55
Value: 7078119663561859382
sync.aniview.com/ Name: 1_C_55
Value: 7078119663561859382
.aniview.com/ Name: 1_C_1
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33
sync.aniview.com/ Name: 1_C_1
Value: B499B7AD-7917-48EE-AC2C-59DD92D48E33
.aniview.com/ Name: 1_C_10
Value: lIBltm0HGXpD
sync.aniview.com/ Name: 1_C_10
Value: lIBltm0HGXpD
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-1dcc098a-cb1a-3217-902b-cd5ebb256706
.aniview.com/ Name: 1_C_105
Value:
sync.aniview.com/ Name: 1_C_105
Value:
.aniview.com/ Name: 1_C_3
Value: GDPR
sync.aniview.com/ Name: 1_C_3
Value: GDPR
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml1229_7282223796728647955
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml1229_7282223796728647955
.ads.stickyadstv.com/ Name: pxId
Value: 7169
.pubmatic.com/ Name: SPugT
Value: 1695261489
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAGosE7KF0YAABnKmyoZjw
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoP0IxYE9vSVVqbBgMWySGKnddJL2ro25+knsgPXRR++PizQZ9lKnKHm1jiDaPOKika58GG/Jg7s+CAnekPgJibJK1ZNT9xmQMbsm1clVNMrQ==
.aniview.com/ Name: 1_C_5
Value: LMSIWYU5-1Y-417D
sync.aniview.com/ Name: 1_C_5
Value: LMSIWYU5-1Y-417D
.seedtag.com/ Name: st_csd
Value: 1695261491335:1695261491335
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEPAC-EbmlI9tSg7c9RqgHz4
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-459V4SxE2oMnCm0HpiQrLJHvKj1S6fR_h0KKQTJ6~A
.adnxs.com/ Name: icu
Value: ChgIoNZ3EAoYAyADKAMwtsauqAY4A0ADSAMKGAiTm3gQChgBIAEoATCpxq6oBjgBQAFIAQoYCMPzeBAKGAEgASgBMKvGrqgGOAFAAUgBELbGrqgGGAQ.

23 Console Messages

Source Level URL
Text
rendering error URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml(Line 904)
Message:
Error: <svg> attribute width: Unexpected end of attribute. Expected length, "".
rendering error URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml(Line 904)
Message:
Error: <svg> attribute height: Unexpected end of attribute. Expected length, "".
rendering error URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml(Line 904)
Message:
Error: <rect> attribute width: Unexpected end of attribute. Expected length, "".
rendering error URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml(Line 904)
Message:
Error: <rect> attribute height: Unexpected end of attribute. Expected length, "".
other warning URL: https://098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:extra:desktop:multicontent:dinamico/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:extra:desktop:multicontent:ep/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?source=249286
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml' from origin 'https://extra.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml' from origin 'https://extra.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Fextra.globo.com%2Feconomia%2Fnoticia%2F2023%2F08%2Fespn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662085148528352
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://idsync.rlcdn.com/464986.gif?partner_uid=7beYp_ofopg
Message:
Failed to load resource: the server responded with a status of 451 ()
worker error URL: blob:https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/4b838e1f-a452-4508-989b-e798c5232c66
Message:
Mixed Content: The page at 'blob:https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/4b838e1f-a452-4508-989b-e798c5232c66' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/4b838e1f-a452-4508-989b-e798c5232c66
Message:
Mixed Content: The page at 'blob:https://d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com/4b838e1f-a452-4508-989b-e798c5232c66' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript warning URL: https://extra.globo.com/economia/noticia/2023/08/espn-vai-criar-marca-de-apostas-esportivas-em-acordo-com-rede-de-cassinos-no-valor-de-us-2-bilhoes.ghtml
Message:
The resource https://config.seedtag.com/libs/@seedtag-ads/creatives@4.30.47.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

098571e3473173ded60799c46f53bf06.safeframe.googlesyndication.com
0f708961b8f1feaf0d154d64eb24d8ba.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
4cywq-eqnre.ads.tremorhub.com
a.ad.gt
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
a4548.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.lkqd.net
ad.mrtnsvr.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.resetsrv.com
ads.rubiconproject.com
ads.smartstream.tv
ads.stickyadstv.com
ads.travelaudience.com
ads.vidoomy.com
adx.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amazon-tam-match.dotomi.com
ams3-ib.adnxs.com
ap.lijit.com
api-2-0.spot.im
api.permutive.com
aps.zqtk.net
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
barra.globo.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cat.fr3.eu.criteo.com
cc.adingo.jp
cdn.adnxs.com
cdn.ampproject.org
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.permutive.com
cdn.prod.uidapi.com
cdn.stickyadstv.com
cdn.taboola.com
cdnjs.cloudflare.com
ce.lijit.com
ced-ns.sascdn.com
client.aps.amazon-adsystem.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.adsafety.net
cm.g.doubleclick.net
cms.quantserve.com
cocoon.globo.com
config.aps.amazon-adsystem.com
config.seedtag.com
core.iprom.net
cr.frontend.weborama.fr
crcdn01.adnxs-simple.com
creativecdn.com
creatives.seedtag.com
cs.admanmedia.com
cs.krushmedia.com
cs.lkqd.net
cs.seedtag.com
csm.eu.criteo.net
csync.loopme.me
csync.smartadserver.com
csync.smilewanted.com
cutt.ly
d1842feb9b2e983c89c4f758c2cf2243.safeframe.googlesyndication.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
event.clientgear.com
events.newsroom.bi
extra.globo.com
fastlane.rubiconproject.com
fonts.googleapis.com
gadasource.storage.googleapis.com
globo-ab.globo.com
globo-mab.globo.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gov.aniview.com
green.erne.co
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
htlb.casalemedia.com
ib.adnxs.com
id.hadron.ad.gt
id.qa.globoi.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
ivccf.ivcbrasil.org.br
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
media.sabio.us
min.tryiqos.ch
mug.criteo.com
mwzeom.zeotap.com
nxd.adhaven.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
openx2-match.dotomi.com
optimized-by.rubiconproject.com
p.glbimg.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
player.aniview.com
pm-widget.taboola.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.nl3.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s.update.indexww.com
s2-extra.glbimg.com
s3.amazonaws.com
s3.glbimg.com
sb.scorecardresearch.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aniview.com
sync.bumlam.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.outbrain.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
t.adx.opera.com
t.lkqd.net
t.pubmatic.com
t.seedtag.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
unified.adsafeprotected.com
ups.analytics.yahoo.com
us-u.openx.net
usergate.globo.com
usersync.gumgum.com
v.lkqd.net
vast.aniview.com
vidanalytics.taboola.com
video.seedtag.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
www.awin1.com
www.conrad.ch
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
ads.stickyadstv.com
aps.zqtk.net
cdn.stickyadstv.com
gu.dyntrk.com
id.qa.globoi.com
sync-dmp.aura-dsp.com
sync.search.spotxchange.com
sync.tidaltv.com
t.lkqd.net
104.16.80.121
104.18.24.18
104.18.27.193
104.19.150.54
104.22.69.131
108.138.17.76
108.138.9.235
116.202.150.116
124.146.215.43
13.224.192.181
13.32.121.65
13.32.99.105
134.122.57.34
138.197.55.50
141.226.228.48
141.94.170.64
141.95.171.142
142.250.186.66
147.135.143.112
147.75.84.158
151.101.1.108
151.101.129.44
151.101.193.108
151.101.65.44
151.101.66.49
151.139.128.10
154.59.122.79
16.182.101.80
162.19.138.118
162.19.138.119
162.55.120.196
167.235.184.171
168.119.72.236
173.231.180.197
178.250.1.11
178.250.7.11
178.250.7.9
18.134.84.21
18.194.60.143
18.204.125.213
184.30.16.183
184.30.16.195
184.30.22.30
185.106.33.48
185.170.62.230
185.184.8.90
185.239.172.77
185.255.84.153
185.64.189.112
185.64.189.226
185.64.191.210
185.86.138.150
185.86.139.93
185.89.210.90
186.192.81.117
186.192.81.177
186.192.90.3
186.192.91.5
186.192.91.9
188.42.196.115
192.132.33.69
193.0.160.130
195.5.165.20
198.47.127.18
198.47.127.19
198.47.127.20
198.47.127.205
2.16.97.41
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
208.93.169.131
212.36.83.246
213.155.156.164
216.52.2.86
216.52.2.91
217.79.178.236
23.37.42.132
23.56.205.163
23.67.137.210
2600:1f18:1aca:4281:43fd:8cd4:5872:a15c
2600:9000:211e:200:1b:5138:8a40:93a1
2600:9000:21f3:800:8:48e:53c0:93a1
2600:9000:223c:e000:6:44e3:f8c0:93a1
2600:9000:2250:6200:a:e047:753:6381
2602:803:c003:200::31
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::6816:1857
2606:4700:10::6816:3556
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:8ee
2606:4700:20::681a:bd1
2606:4700:3033::ac43:9fa2
2606:4700:4400::6812:29aa
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:bae0
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:802::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:4001:831::201b
2a00:1450:400c:c00::9b
2a01:4f8:261:2acb::2
2a02:2638:3::10
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::4
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:3500:595::2c79
2a02:26f0:480:f::213:7ec4
2a02:26f0:780::5f65:366b
2a02:fa8:8806:13::1400
2a05:d018:1914:d732:916f:481d:8a41:2291
2a05:d018:d29:3601:970f:dde0:5c57:1e8b
3.19.54.139
3.227.105.123
3.231.191.235
3.66.233.77
3.75.62.37
31.172.81.158
34.102.146.192
34.102.163.6
34.102.253.54
34.107.148.139
34.107.184.81
34.107.254.252
34.111.113.62
34.111.129.221
34.120.107.143
34.149.50.64
34.160.19.107
34.160.236.64
34.228.88.143
34.243.93.43
34.246.32.191
34.247.147.142
34.247.233.198
34.251.244.57
34.95.229.88
34.95.81.168
34.96.70.87
34.98.64.218
35.156.21.31
35.158.149.186
35.170.236.174
35.174.117.224
35.186.154.107
35.186.193.173
35.190.0.66
35.190.39.111
35.198.44.170
35.198.52.213
35.201.123.184
35.204.158.49
35.210.53.219
35.211.79.33
35.214.166.168
35.227.252.103
35.241.9.51
35.244.153.86
35.244.159.8
35.244.174.68
37.157.2.234
37.157.6.243
38.91.45.7
45.137.176.88
46.137.70.201
46.228.174.117
47.252.78.131
50.31.142.127
51.68.39.188
51.89.9.254
52.18.35.108
52.212.143.67
52.22.163.254
52.223.40.198
52.25.155.196
52.28.250.143
52.4.190.58
52.46.130.91
52.7.89.35
54.171.14.223
54.178.182.181
63.35.23.211
64.202.112.255
65.9.66.68
67.202.105.21
67.220.224.144
68.232.35.16
69.16.175.10
69.173.144.139
69.173.144.165
69.173.151.100
69.20.43.192
76.223.111.18
77.243.51.122
8.2.110.134
80.77.87.163
82.145.213.8
85.114.159.118
89.149.192.65
91.210.226.74
95.101.54.217
98.98.134.243
99.86.4.128
008a9e7d891db96cb0dce94a888f6a8a466472682f4142455703a44c75d9f734
014d98184c6d1852e7b771a5c28fe6cf6da165532a6c559785e58d03f5c200e3
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0362e4043341864c9bf2331c1556e86938f3251b4ae4cbfeb69a8466e351799e
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04093939f530cec2013c63c11d5645a26c2d62a6a81a30d3f46c2cedc9ff177c
05f11f1ac4a6df5d3a90188730ed15b26d9876a49fb6450dba4bf6a178c45dea
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a170a7411835031a08ba9a8499c88b73eb0e9ca71729ad3bdcfce3c4332242
081cc38e56991b93304e5475c735e842120abf8396be9e481766d518220300a0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a79f9c96605d834f1f9150388ca2def865f8d2b4e04e441e48ecf8872fd40cd
0a7b362fdc278d023dc0517c49ba607dafaefeee54c748ce26a30c96aab55cfd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c42d3f8e41df59becbaf7da2bb7947a930d625bda6f78ed2ed5299fb9288366
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e6a263dc460cbc352f680902f930c20068fb732aa980375d99a16bea01ba96e
0f4d7a32cc21d2228b1ff6041790968c40115d5c5d5c27db419141c616fdbd7d
0f542b3b98cad1981a4429a7fca302c9ac09632ae83ff3419ed8ea8ccf3b9295
0f5c2d956e369cdbc5e041ad4436bc88a19a6fb8d56b1fc43e100a9428555ed3
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
119bd26642efebb26f23860b9eccf80e49377ef303f0d915f8b1aa4426d50133
1254823d720a289ead2de21f29a80e5e3d92c85a02eb3aeeaceb60849d81a641
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a894204a5610001032f9a8e347e0cb760abb93f761c8123ab1cd98d972a59c
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
14a32594b479cf64cb7525d2b3a369076e0b8b048f96bfb0222799ddd8ec949c
1542823f030453a41535fc240c010a0277b05f9999340d8a0ab96e241458b71c
166a5d38934ddd901f7ace38b6c6efc8142df07d514ac1ee214d89897935a267
166cfe7c2adcd0f393ea3723890e487b38af3385a921a8c14f2886f0dd9cc696
1695ac5d61f4e05a6954db52f7ab5b68c9e9753a710b71e5e2e2c62e06d523e6
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
179f5fbdd7194be791a7f0e342ef1595449c98423c03cbe92b499649ebe833a1
18578d62a9379765eca00416dd6f2f3f1593bb85b6c5031a16b1ec25180d16a1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353
1adf93cdb20979390e5dfad4efb3f17e307f94e3d4dca70588d43423ef696adb
1b708efa9b247ef966739eac928a97adcc0b07f9a446dcebe6999eb66b7f9592
1b7ea7b4fd600119635bf8c44e2dc85306ff53b06b39ab7b7e6171d30d8d5864
1b9e67bc1ba473352d144e6ba0aac3ddb281c94057a8292763044c5cc2a81fbb
1bde658df6e7fc967fdfa663ef601083be84e4dfb80de29e5423d8d618bf790e
1c5e3616522e0f74d1294012414ac84d5e10691b0205307aa446eaf85a7c6cff
1ce3def28719a71258b0cc6a55b7828981aac60df5f99b8a63272705ccf65374
1d36c56b88c137d416d950f63e7ef2ee1bcfc941abe4348f21e45022af68a49b
1e66fc9571f5687bc50f6d4695d0aae0d10c4d4e313936bdafb5a539bb9c4af9
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1fcb40bd0ee69081c9d6f022ad62888e299c0206a11588a383b7520131c6e2e3
1fe4ffc21252283544f0ed52508407b5d5bc55b157f888990ef0b332c377074b
209502d853832f09e6438a5ddedf4756c0aeac592ff5c9a59cc09817fd322e36
20c393d5efe5db837e1326c35d8b40950ed8e559a73c0e0a98053c1cc9ada1b6
2138f37e8a353aad233783e6b20c62ebccd607a993e09f4f19b59138b497b3e1
215619d70dcc8cac824c412db541e9461b9ba3ccb80462a5a125b36699e4a720
224ce81c9c235b6cbf1bbbd874e11f4cbd55b19514a4121347a3fd6b165120db
2285eabfcb7a0e46f16f9bf5ad39dc57059bd20be5c91b1480120c4796e5f27b
22ae64a982868c1e692549ed67637d8d4eb46346000245669135afc59824d687
23c84f6383cabfceb3842205618dad669d06fff91d31d9bcb63a3584141de4be
2482a52b9d28afd071c091bfccf3512ae6027dbbf0fdc2d6428339d8f8a05d7d
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
25f442ef2f735494321136342c158d1661deb11b1c0924c7e4a2e5d43fb353fc
2669790e6104f003cf2c1cccf2719c7cc614e6afb737b7e93456705376f9695a
266e99197c431b0667b41f42bfb2da61c22578cab25fdf3ff95184f9a0aec416
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a07ea9153aaa450bfa669a2fdac73af62cdbaf8ce6707818c83d3bffcbacd7
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
296d75dcda74cfb00bd5fb9a954b66bbc41b6591ad38b8264866402a3330f299
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2a018a841b6975de20578c7c63607d4529281ae923f4c3ba172cb4d1d5e7c5bc
2a9afaa01916ac083e2db36ea08ecb58e1faaa1e9052215472d333f69c1c667a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae1406e3c911ac10475c7f95a05fc3167d2a655466d9ba38b31abb1cf1e654e
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2be930b5841b56fd56577775b0c5043ec78a87c18fae85d402f0d0376d8e3bd9
2c0e4ecfb4e6db6ee32bf8888a21042471c255622e5f345b94074e0800f43df1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2f46f618f9ab814abd20007b90755185dfc17a7e67fc9661e7c05d98045d7790
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9f9837acd92a73feaaf1c88bd9af3aaf8560aecadad021cc951f8fc3514e9b
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
2fe3a6f51dffc0843daa46b85777e305e57b0423da47efae4b4ce5e30bb3f7de
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
3242ff915de3b41bbd99bc19f96127ca4e7b3b425e67e4768686269f1a41e783
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a70dcadbcc1526f854440aa8a93049acdbdfcf114fc4cdabc7c146ca10664b
336b30935b26f6c19c273f6f1b69ad419ff006e776c9c64af428772c015c1000
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
35faab1d07b33795967a3a1ba80cb5f15a6986b031ae84cefc3a4338076c5b8d
35fd96ea9c66b13e47df9c32929344dd43cab3e508b68c77e2d7e07f7563fa1a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
388a438fc02c74efc68e12667d687b921e92f9d72896f99b404b316f245db640
38d96735bde2e2c59266472297e95420bbea8c9c3f6d5bcce1548c3a62243249
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
395b414d8c829d139cbdbcea39158d504184b5e3ad5cdfaed7bb600362e71e5a
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3b6228c8b0ca57f754c5044f9ac8a6dbb8ae04dbcd96f0daad569bcccbaabc
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e14424544af669f62fb667a35de09d2258dcb5f89b57d86d465058484fef06c
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed7c611b6f9ddfb96357e8a5dbf4fce3db9b592ebd6a3e464e1746e0b5935d0
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffae00fba82ef7432036e3b4e058f5ee505cc371a93acddfbc981d2e45258d1
4095ef60dc2a51dadc1d2f407052a07ba2358e86c5b748a784328e2e6376722c
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
414738fd06dbfb990521cc9ed5ad8b69b272707e710a59d8d7b8120b1cc21871
41f45d7390eefcb237f44c1076020c8e5053973dba260bc88af47f4d802922b8
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ef27d282c60679f606f3ad5564ae043ed12516d368ad8d6c6634d56bdce1e9
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d99c5aaf98f85eb1ee5f970fdc1c3729296ce2ec5eb43740bccb7bf8ed6df1
4a054e74d60a467b75b2c79ccd2ac7d05af78bcac8c8a9e03db489d24854c8a0
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b1c2b95d73cdb2422a659bb04a945d0ee1b1da61209c4ef35773a631a8f4edf
4cbcf052edc16dcdf7e674e4e0dff0a86b81610b4143237286cbdec2c1d560fd
4d30543ac6e90772e81a0884755c1ec57baacc83daac73fa91e30682c82d13dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fd6b812d56865b9c24a9ed4492c49396d63b1807c8b217235505d0b1afb0b40
5033293e256bb175ce2bc73ac163961a4ca34595815bdd67f702a5f74422d727
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515afbcddbb10cbbf772f4a0e4eb8f44a43702f7ed211055eef9bff0386a95c8
5179b36a3da3daf10974f2e8c7247baa53ba3a6af2d96c051f45ffcb13e9ff65
51d124d36cad7f55b97069e9ccd3c06c32174f2d09e959bd9912366b06f12ec6
52183d75783af6fc50c603595828f6cf368f6639643f126b3b3afb0cfff3885d
5363601ae17d7a5fa626c15742ee2633a6025b5cc5d6f1afd9758e08928471f7
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
5a345ccc6b2609cc4b224276077a6431d8c4c69e3f8f92798cfa05efe0870c6e
5acb4f8c5ebc0c80915fd5eab10552423c48ca7c6903748c27c5b81712bc782e
5c413de57e629fbba188d440b4d7e5f2e4458ce3be46973223d8b44caf071f52
5d23de1a1c532a046b9e5a8780d834d300e899ab8e67cff75c4de8b1e9268620
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
603cff041c3543d52c80727596ba99522cc3aaae88c3cba3644abfd043f13d23
604c11d6218811b97bc0c0be77727bd7d592e54953949578579099b836e9aa3d
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63f0942174b97eb4a82f56de89c28b45d8499a9ae4564e73a1c0f8a084f8f9c3
64846d5b397ac811fdbedc8b0d633b5a573cf0bb73c94135de0909dbf8005aee
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
671906991d0d3028fd621283623a2c849adea4a0b8800f19c1b68873596adec5
67c3e5f2e2e3be9ba3f8320e6e248491b6d53d92e24af289cb6217644cc9e7a8
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
6a07a0633d5d50cfbb4115eaa5678c55b3a1692138337484e66d25b6191cd883
6a37db47c18bef69710511d93c04fc9ea341235080185d5f8381754d5ebbaf57
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eab12f9767a07a5105e94841c27d672441e1fe9d6987a2ebf8ffa32ce2609dd
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670
723f9d1a00a556b0985d12bb418005e7d69bc3093067451a8caa978ed32edfdc
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
73e021bf6400695e6e5f0b0d1afd85d09dc91fa864cc148811d561f7ccda99ff
741a7f8b5f083c607886fde34eb487eb4805c55dbe295ed830647e8ea2b05762
7659e38f6164f83d23c6eae6532f28680d542830ae2d7c1527f6eaac644f5652
76714abafeb985a7df98100b44d1e8f1de24bacd2c75dce8122bcb3f75259594
7685e65210217feb938b17708b9adcdbd2556c8b063a7ac160f6872f27730582
76aae8220248248906a3d7054d057027805d94af276d13c3fe0f2baff0b64e6a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7814278f8b5b125aa0d5b7fa09fbd4bb5399e094f23ecdae65521d9601e8955c
7828d1fa2b425d04b18e730ee7afb5407bf82e5732fbd896f38f8d653673adaf
78d63606546b6f50c7e2e277b874df217c0bcbbb85f4b4ea073969719d9acf68
7ae68dc2155bf81ca6f5f2137ad88dc947123e2b88bdbe6585c65983ac7f92bf
7b2773a16d7a49f0585878fd5063c7ba26951b71feafabf4995b2563ce314eaa
7b3974deab9eb5e48e5d66b3f37c0c8edaa15d4208e1e3b6451a33182ead9860
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7dbb8873176bc4d165aeddaeec0aa66eefdb1acf637b7f4d026fea13ed412989
7de69759ddcb9e9368125d45e2232206cc918fcee9bbb765a91ddfc9dc5a3975
7e26d8d1565c0931009d287165fbb7ebf789672939f499885e2cbf050ef2ed38
7e2efd245198a6abc36b4e6e4599fadb67ddf87f30d656e882b677eadab768b4
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
7fbc9e03ba0ac8c751d0d27d513c1de3d2c35eb7ec44a51d38fbd5502e154a07
802601fc9bc4892a6292c2ce2071d44cb836650267632e4c937109e2c1481ade
80b93bf8d763f90c30e556a1f6b010e9855c6f0165f2f25ba960ae9f0374b641
80de5bfa2106ca608b9651531d576427871cf4cf1d94843ba7997599bf53eaa1
8101e664e1f145bacee35b3062d9178af299a72f6cb25f5f8a061ae909662367
817e12d4c03c5d76425e0fd8adaeb5c979daad3e847d47675f94df2b1de2094d
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
825f7901b25bf74fd5f86f17898900c221cce1f9147b92d848de56faaa79985e
8283be909d0cd1883acc49c036613505798108e33ab28d05c5e5184757cf8ef1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
854e654af8d6d85bb2e0bd12427b928d0bdcf58c4fadaae8edcc79fa550f2721
8590417c0f123ce5b22d3ff97470d890f6711555ee3f6aba0de52d8e9a6ef381
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
867e6ff391fe3ba1c1a593e9be5b7f128c516b625bc42c8be70f7d8ed19ec9ff
86cce78497865dc947e77166c36ed22dda2f7189d41741f5ef7052adf8ffd4b9
86facc779f360ee0c0fab4211bfd06ce034d77d05837c58b2a83bf26ce1b2de9
87792d280904fa09e27c96238a152b058e1a0413aad5f1ae12dfba3fee1e072f
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d
8797be25ffaa9fc494eb3acf1de32240ae5103673d148cbb7369e904f19be38e
87c967dc96e6b62dd519297dfb1c9aec9ee51eddecb8c229fdcd1f17b38fdf80
883534e5d9bd80c27d2ea791702399b34b7ab9e83d0765197b5aff946b1f6fec
89bbc56b157ce4ac1c30a25adbb81cd6b55fcbfafde080011a056edf6b7c3f72
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab4207006c8dc5757446f16ca4f16aca5348442eb95c51482d6b29a7e17758f
8b8fbb7022d117e5729f7b16017f45910bd018c717d75acfe2b3fe1acf47812f
8be5f11b40d73f6965e5d69189d533173aca057616a3b573316868678c132bfd
8cff0d5d9cb04ce5dd461284b8961343333c429f08a9c202435cb3dd90046e2a
8d5f5b0e12413c31ac22cd7475b22477820333b983a3c0a3c589fe408cacdec5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d97b692eeed8d933610eea1368dc7ed4df32048c1824f9aa6351a99d3647351
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
8eba879eb0741766c6b53c1b2a7933f67e6de03943191056ef0b449123029cad
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f8494bc34c8fd03d4878e127a9608df54dcdf3e0f4abb80ec41476d5cd49690
8ff01348bfe6ea973389bcde9ac13ee9aeb13b9db99b23435df7e7f16243f295
8ff7b45adb5a57b1a3db6498e5efa2619286d9ad375c7dac62b3d08c62befb6b
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
910e1caecf006c19e3b8f42696af298300af5fa6a1e6aca84659310decb6e506
916710f78a45e4c54fd20bab7d11cde8bd8426d4e02bda60991a7838f13d3967
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812
926459c49481c8f910ea82d457e2a137a059bcc2e41bc08584a69550a632764b
92ae5887ce830efd6f0ea7ac811880b7d909eec40634f71b4599c20bde930766
92d97991ec6e9a526f12410ab0994c15fbfc2a6aece69330c8cdcb59563d6250
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
949f7e77db8af218cc9a2a24860617138c696e884a2da8f78678a8dd7e3586a0
94c9f5c82eebb0284e8df15ab44aac7bc6dbcff7a95e471cd1fff2d5bbc643c1
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
989b69cc4a7a74df2bb81583b9bba4187bba1408e28e77adf771d7a9102bc9e2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99798d0fd2a85d5934a88779366fe4826d6b830ecd0b00c24d6b456961c49cd8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c65b45011c8cc1887a9028fb5f5baaa3a7983ca88598b3a45d6a25311ee93b
9a3f99b7a6eaa51403bda5c318dca2120e979afd2dedeefa92605db151484bfe
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae2173cd9f5fe1c855291382ba6e6e65db8880ac992e6ae5cc7092f4eca5894
9b7f4244fefd45a75e2d467f878917dbf5fd1f2cdf7fbe137caeb41ed4934703
9b8b6d92edf79322415ef0d76ce69682b76757ed798fb463d725a94177d4ab27
9e400b8ba4fc8b03ae96c0a1c30e09af2f2c62d5ff32a1c9d8ba1ce3b52d1bc5
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f7c5c7402c7393f38a2b5228ed4e76786e0404bc4c7ed0d3171de16525af12f
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fc467050b657f3763d58946484d347427013193d33a3c1b691863a7af681fcd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07624a3136d8dd528c77fd1db3c64f2715cf6fe18679e1b9c68dfd36acce4bd
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0c97ac0ee7c08bfc9d1f338e3b6dd0fe530e0b93fe0efee7c439abe91d31334
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b036e3d7eb1491db0fc122ad85e23cbd323a47a7213782b53a781835ab60d5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a38c77af48646df3cf6c660e944826ca561ed3504813648d0e5712c7b2becafc
a3a8ef856df845257c7a1d2ff137f1345e6d6c304c68946c224456dfbe613c4a
a3bae0c2f78e57fd2a649e203b03e2ddf1f89b0cac077d08aebce5d0afda9022
a41628988ddb24e6304b002e534b034e517d24b8d6a2465a8eeaf44a8973d070
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a743839274234d4c26f8746c0fdccee37aa13d04b39cd4979de17ee94e02dfd7
a7f6bf3d4e79e967e0b1b70de5e46a16da84b04fc505eedca6da03127901953c
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aa3ebe966a050c4716fb681161db8c5e3c966e7eef21dbc7dae3a79fd33bd535
ac121a04ee29cdc5c52c004c59aec3d9e06d82148568c810e15d192fd652623c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b06d2520237ab14e555455ec9da0066deed1e43cc53ba14492e1682244d46baa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2196cde2d80551633efe790ebaeb62d5d0195c4873daabf6b0ec00f7bcc6fa6
b2ab75392588627422d12d5d0382c862a77d774c05f5cab4336b7c719500256f
b2c7e723dc804c4a2c35867be16851d8433f68bd665b4ead4d52246bc31567be
b333aec16065d4e4d15b10da8530a7f3954db8836bda8aeff34ca1dcf8babf0e
b4cde7388b65183e8ea4a808e83cff86c0360f7edacba2611a82eedb75f9d9a7
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4
b5fee5a4d105dadfaf7053450596146e3431cc77453498401c729a7279e440f6
b8196243f0ecaa778e919df4cc37510c13d36ec594e62b6b1ffcb9c5800b3360
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b8735102c115e4801631c78b33ef72f88325bc9de8c1f7546047f135b1d5e378
b948f9894d66da6d2173d9ee0748370d7c34e5d3d322ff436919a4409a47e370
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
ba6dcc0d2c7066006967aa5c3ae0dd58a4b72d8e5e471ebb2e10db4b411930be
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2361275d3847c9f3101c15f3ccc0b3ad251173b23d358a83906144fccce41d
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bb9426d8540d24bf3443a3a82955995f5d745937c58b9e1d40a389c5ac700375
bbd3c8882613a9938008c2d6ca4ce43ee87dfa1edeb513d77c3244ee04a3ed58
bc7692cec5b5fb398b7cb99760f39071969c674103018e07221fbb0046227ce0
be144ad1e07e4eeb26247be4a08da3dbb3559a99ecef0dffc35bd4a359622c8c
be7edd51d898f1e25dcc18bef6ac975255e0cd0207ac9c095da0e62f6a0d01c1
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2932d2940db4792419b6ca2caf5923d64eba7e4d5c0f9afa0d04e563454c696
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c75b004f13b3e2306b69cfade153d04a09799d9b2eea288a306bfeccdec2fac6
c7c285f41b4dfdf6dea71e93fc9b61e1ea5f9a161bde0e3ee03fa2f7adb6ca43
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
ca4b4c6b2668c131d23a70cb70891743c9b8455664733c1c3fcd5a5cb854ff36
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caecbd6ee40f98d71b34025e990f1ded5e91f2030725b14f27ad056185615c28
cafd049c36286b37fb5d7d408427ab2fd8eff38a4ca6323d42cd3c2797a9a18a
cb95c60c1e70c730df8b30c024f63ca414a7cd01b9d37cd4181987933c94559b
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
ce1fbfa5046f54fb3cafdf7b6cbe0bb4cffd07d87a5545d779d35587ab11e75e
ce482ff8e187324dd84a7742030cad19c4cbdb4302904e7ccf7d20d33000f518
ce8e46e5be745d71c448cc8c1d9dcf73ae79d468581559e51fdacbb04460d4d0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d147b57fc6e0d0c683ba5a151708c5a907d50aad859fadf0768bf3becc9b76c5
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d34178fd2e5a63ee1aeada7c11ef3f65639935fee58ba0eafa99b2b1dbd67ee3
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d420a6e1e5b3a77cc45a1073e30511769e8d08717bb134d7e644582ed458f54b
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1
d4ba3dae77e5ef843925296c5ffc8a16425fca23e2bf75680640c24e6083209b
d51aa412983bb179451b98ec954890879c7e39b803771679de7fd09c2faae21e
d56d7a955eee9a8d687c0a8d9c863577b6911f8101e78eec392ba892106b60fb
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d83f96a06e3192415275f4d4879bb14db238eb0c03ea10ef36b87f50105d0b24
d8ca3b55f0719e075e41ff4ef72119027dd7952f5363650e81d56a8ff8f80e46
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09
dad8474906a60677f76830aff7fd797b7de90688ab55fbac7ac187038ec95910
db2a2c00742d90286ebfea9b4f1a58d3ead9cec3d0a190dcd66cc287b87e71c5
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dd19f0c92d5779bb3ca366dd57ea540d4068c78fe32b5659ec9d3cfcfd65ed3a
dd7038f54929e0100a5d49aad8dec98f40cab8925d6cf48f3d4ea211cee761e2
ddc3ed5dce07fb794976918aa8c53ab5631a6a6b6a6e83d761b661c32e2c726a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
e0ec5772581107270bcc098547d0c15e93700e9bfde94ed9d124565c8f6cdd3b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e11357dc19f6078157349e7fcfe6019a9ba8310cbb74cb61a68a4401dc53fb22
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5abb96267c7941a84a458d9612c421dae3340d617db690c97b4313c40a0a82b
e5b67149257bc5b172463989ab9e0f33a2229adc07012eb7a7c90468505bd6d1
e735f40b7302c5d9bc85349ce69ee192d28e572d1ac9c669e3dad4822219ae48
e7913d9931339dfb68c0813ecdbcf47bbdecbe528ee901aaccfd1e396c57bfd6
e824482956fc97fb6ddfb83ac8b6351f910132f1a60faf84a9eff927023919fa
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8b4a0adb14ea158efaf4228f208bb085ceb68fcfa71b9180328944fb9a0731b
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea16990ad58e54886f6a3d7850431798f0f46733017ffde9bb794945611260a2
ecedae9d9bd8da80442389273ce409f31a27829736bbc659b5aa9d5fd1089495
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50ac66874936d6715c0274f054dba94ad63f7ae3ec139ace1574b2fd6ac0a5
f30b7b62bb2fedf289dc1c285302131c3e773612d263facb983dc7e15b4c5d34
f48f058d992c4b46aea381994331a917f6eaabf297e4759bc007166b7729be77
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6642afc0e62a851e78c194362bb4811f62c864ca5a51f64d51e5725cc5027da
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b20999bd2a94f2129771aea3c4d9d2098c882633a1e08a14d6b8f9ef49b5ee
f70d94b5dddce93ccdc98ca4798457f1943657d9415eb7131eb0c9e9a3ea4c03
f886b95f1f491f6acc454e8e5f253580dd72adbaa928a8a2da9c01a17315bc02
faa0f9c808d262ad121d8ba8a79ddb1c69a213311e044531dfc52fcfb75f12b3
facf2263e978333110dd0189c5f1bdc996049f5cb0370267797f14a6bd6cb798
fbf51a9873732d8e7d185d5c6d6398be3269c2634b22128b12e094e08190a2bc
fbf8ac9cfd41debac16758b4cffa5b3c3bc9d096e441cca0d882f992dbbecc62
fc85ea289166847f8403c00ed3d19d3f8966d6adb3be4d38282eac2499c38bb2
fc925f34ccc4d97d89b5b5b0ccca6a2ef842070eaa2be0c89dcd6d462a78e8a8
fcebab7040425d78144e6f64230bc8bc0530ff8ee94bcaf5ca73c6bb6d523460
fd67efe8aac70390a024a95f8fe3355d692a22c846e65d55e82a8aa4014843f0
fe6391c5bee94d329009097d19acf3c70bdcc8d4cbe88d0da0386547d96ce406
feaa8751094d14f899a36eef1867b158cf502c9b22352b070b7e2e50ef367a9f
febc29adb6a36579039f8665619d0e0d7f98a3e9ccf0ae54ce53c7825670d495
fee3af3afda2016dfbada8bdd0d8c9d948daadf457d013de360f1b80f4c781d1
ff2299662e6f10bda15dc45544d32ea01503b4c2bc1e5424c575a74691c2ad1e
ff304273da0f47eae2cd3afd8bef0d54b02e2c7011614f316f4e4cb2a28dc579
ff3c597073aff0bbf75ff9f9dd7320becd65b0392fa65811ae0c09e43a61453b