redirect.sales.globo.com Open in urlscan Pro
131.0.25.203 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://redirect.sales.globo.com/
Submission: On February 06 via manual (February 6th 2022, 1:42:01 pm UTC) from BR — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 21 domains to perform 57 HTTP transactions. The main IP is 131.0.25.203, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is redirect.sales.globo.com.
TLS certificate: Issued by R3 on January 3rd 2022. Valid for: 3 months.

This is the only time redirect.sales.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	131.0.25.203 131.0.25.203	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	143.204.98.112 143.204.98.112	16509 (AMAZON-02) (AMAZON-02)
5	186.192.90.3 186.192.90.3	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	184.30.24.194 184.30.24.194	16625 (AKAMAI-AS) (AKAMAI-AS)
1	201.7.182.87 201.7.182.87	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
3	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
6	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
4 4	44.196.109.196 44.196.109.196	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
10	54.76.155.32 54.76.155.32	16509 (AMAZON-02) (AMAZON-02)
1 1	72.246.100.56 72.246.100.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
2 2	34.253.74.200 34.253.74.200	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
2	201.7.182.243 201.7.182.243	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	35.211.79.33 35.211.79.33	15169 (GOOGLE) (GOOGLE)
1	201.7.182.142 201.7.182.142	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
57	21

8 131.0.25.203 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 131.0.25-203.prt.globo.com

redirect.sales.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-112.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 186.192.90.3 (São Paulo, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 201.7.182.87 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

status.sales.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 186.192.91.5 (São Paulo, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (São Paulo, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.196.109.196 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-109-196.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.76.155.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.100.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-100-56.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.74.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.36 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cd.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 201.7.182.243 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

cocoon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.79.33 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 33.79.211.35.bc.googleusercontent.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 201.7.182.142 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

usergate.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	krxd.net 4 redirects cdn.krxd.net — Cisco Umbrella Rank: 1256 consumer.krxd.net — Cisco Umbrella Rank: 1549 usermatch.krxd.net — Cisco Umbrella Rank: 1214 beacon.krxd.net — Cisco Umbrella Rank: 408	207 KB
15	globo.com redirect.sales.globo.com status.sales.globo.com horizon-schemas.globo.com — Cisco Umbrella Rank: 59332 cocoon.globo.com — Cisco Umbrella Rank: 119235 horizon.globo.com — Cisco Umbrella Rank: 53458 horizon-track.globo.com — Cisco Umbrella Rank: 46098 usergate.globo.com — Cisco Umbrella Rank: 107686	174 KB
8	glbimg.com s3.glbimg.com — Cisco Umbrella Rank: 55292 s.glbimg.com — Cisco Umbrella Rank: 66857	70 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 939	21 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 197	1011 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 528	941 B
2	navdmp.com sync.navdmp.com — Cisco Umbrella Rank: 8480 cd.navdmp.com — Cisco Umbrella Rank: 235596	305 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	2 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 205	2 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	729 B
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 369	756 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3235	55 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	497 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1023	900 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 626	191 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 689	214 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 316	418 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 510	716 B
1	gstatic.com fonts.gstatic.com	44 KB
0	nexac.com Failed r.nexac.com Failed
57	21

	Domain	Requested by
10	beacon.krxd.net	cdn.krxd.net cdn.appdynamics.com
8	redirect.sales.globo.com	redirect.sales.globo.com
6	cdn.krxd.net	cdn.appdynamics.com cdn.krxd.net
5	s3.glbimg.com	redirect.sales.globo.com cdn.appdynamics.com
4	usermatch.krxd.net	4 redirects
4	tags.tiqcdn.com	cdn.appdynamics.com
3	cm.g.doubleclick.net	3 redirects
3	s.glbimg.com	cdn.appdynamics.com
2	cocoon.globo.com	cdn.appdynamics.com
2	sync.1rx.io	2 redirects
2	ib.adnxs.com	2 redirects
2	dpm.demdex.net	2 redirects
2	sb.scorecardresearch.com	1 redirects cdn.krxd.net
2	gum.criteo.com	2 redirects
2	consumer.krxd.net	cdn.appdynamics.com cdn.krxd.net
2	fonts.googleapis.com	redirect.sales.globo.com
2	cdn.appdynamics.com	redirect.sales.globo.com cdn.appdynamics.com
1	cd.navdmp.com
1	usergate.globo.com	cdn.appdynamics.com
1	horizon-track.globo.com	s3.glbimg.com
1	horizon.globo.com	redirect.sales.globo.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.navdmp.com	cdn.krxd.net
1	cms.analytics.yahoo.com	1 redirects
1	pixel-sync.sitescout.com	cdn.krxd.net
1	token.rubiconproject.com	cdn.krxd.net
1	idsync.rlcdn.com	cdn.krxd.net
1	stags.bluekai.com	1 redirects
1	horizon-schemas.globo.com	cdn.appdynamics.com
1	status.sales.globo.com	cdn.appdynamics.com
1	fonts.gstatic.com	fonts.googleapis.com
0	r.nexac.com Failed	cdn.krxd.net
57	32

This site contains no links.

Subject Issuer	Validity	Valid
redirect.sales.globo.com R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-21` - `2022-07-22`	a year	crt.sh
s3.glbimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-30` - `2022-05-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
status.sales.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-04` - `2022-09-04`	a year	crt.sh
*.glbimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-06` - `2022-06-06`	a year	crt.sh
horizon-schemas.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-04-17` - `2022-04-17`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
cocoon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-15` - `2022-10-15`	a year	crt.sh
horizon.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-11` - `2022-11-11`	a year	crt.sh
horizon-track.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-11` - `2022-11-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
usergate.globo.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-08-28` - `2022-08-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://redirect.sales.globo.com/
Frame ID: 28D5B02F486DE5C58F28EB15562BADD6
Requests: 38 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 75E5018096F7DE6A24A1E27572DA2326
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Globo.com

Detected technologies

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

57
Requests

79 %
HTTPS

14 %
IPv6

21
Domains

32
Subdomains

21
IPs

6
Countries

574 kB
Transfer

1801 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3BYbWYwZTk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3BYbWYwZTk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3BYbWYwZTk&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1

Request Chain 33

https://stags.bluekai.com/site/26357?id=OpXmf0e9&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOpXmf0e9%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OpXmf0e9&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 34

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xZDF2JvrfpMODpYNt6o-QXhWE1zQXwAz

Request Chain 35

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OpXmf0e9&rn=1644154916 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OpXmf0e9&rn=1644154916

Request Chain 36

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OpXmf0e9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OpXmf0e9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=20922500389311143104303926914968144887

Request Chain 37

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=3185518787597740735

Request Chain 40

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OpXmf0e9&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

Request Chain 41

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OpXmf0e9 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-J5xnlcBE2pvLwsUi.FwVZbNJslaSZk2ucQ--~A

Request Chain 42

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=OpXmf0e9

Request Chain 43

https://sync.1rx.io/usersync/krux/OpXmf0e9?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/krux/OpXmf0e9?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1644154916536 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c41ce42f-4b21-4966-911d-e01352b890dd-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-c41ce42f-4b21-4966-911d-e01352b890dd-003 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-c41ce42f-4b21-4966-911d-e01352b890dd-003

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
redirect.sales.globo.com/ 2 KB
941 B 1060ms
232ms Document
text/html 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: 34ef4dc5d0772c0284e0c4e0b357874b6704b102d34157c410e6f7433e103d90

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sun, 06 Feb 2022 13:41:54 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"61e154e9-7d5"
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
content-encoding: gzip

GET
H2 200 adrum-4.5.16.2845.js Show response
cdn.appdynamics.com/adrum/ 96 KB
35 KB 37ms
9ms Script
application/javascript 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 5265d469ea63a0b2e9996fc6404c63886c2bae1e5f0a2014e37f6fe72247893c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 20:25:56 GMT
content-encoding: gzip
age: 1530958
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 11 Dec 2019 19:02:26 GMT
server: nginx/1.16.1
etag: W/"5df13d42-17fbb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0OzIjFd_AAXBozl7q39rQ9gC38oPGTX81DIB5rzEVI2VP1cIF5paGw==

GET
H2 200 styles.a873ec56c3a228aaf3ab.css
redirect.sales.globo.com/ 92 KB
15 KB 462ms
460ms Stylesheet
text/css 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect.sales.globo.com/styles.a873ec56c3a228aaf3ab.css
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: 8a13630aa0940e9dc53fc3158979518f7b9d98c1c1cb42f3b02ffda3980e01c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:54 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
etag: W/"61e154e9-17178"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 runtime-es2015.0dae8cbc97194c7caed4.js Show response
redirect.sales.globo.com/ 1 KB
869 B 463ms
462ms Script
application/javascript 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect.sales.globo.com/runtime-es2015.0dae8cbc97194c7caed4.js
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: 6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Request headers

Referer: https://redirect.sales.globo.com/
Origin: https://redirect.sales.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:54 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
etag: W/"61e154e9-5cd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 polyfills-es2015.332f7c698b9bfea2eef3.js Show response
redirect.sales.globo.com/ 37 KB
13 KB 463ms
461ms Script
application/javascript 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect.sales.globo.com/polyfills-es2015.332f7c698b9bfea2eef3.js
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: f4fb396f2ce38845b424ee4134d72ff400294616f16dea2d5387c1439330e9fa

Request headers

Referer: https://redirect.sales.globo.com/
Origin: https://redirect.sales.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:54 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
etag: W/"61e154e9-933b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 scripts.b306dd7ae3694cfd8910.js Show response
redirect.sales.globo.com/ 87 KB
31 KB 636ms
635ms Script
application/javascript 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect.sales.globo.com/scripts.b306dd7ae3694cfd8910.js
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: 1adca31e027247acc3baeef09e39866624582b65c4699e1513106dc3c5f135cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:54 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
etag: W/"61e154e9-15c53"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 main-es2015.f88e8070501b833d2532.js Show response
redirect.sales.globo.com/ 316 KB
90 KB 462ms
461ms Script
application/javascript 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://redirect.sales.globo.com/main-es2015.f88e8070501b833d2532.js
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: e81972f6587f2623b30a8f73706a009386fe427eb0262a28e46e1fe1276a003a

Request headers

Referer: https://redirect.sales.globo.com/
Origin: https://redirect.sales.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:54 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
etag: W/"61e154e9-4ef66"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 globo-ab.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 21 KB
6 KB 898ms
430ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:54 GMT
content-encoding: gzip
x-openstack-request-id: txfbed8bd2c15b4d64a4994-0061ffcfbd
last-modified: Tue, 19 May 2020 15:37:59 GMT
x-thanos: 0AB54007
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1589902678.74751
cache-control: public, max-age=180
x-trans-id: txfbed8bd2c15b4d64a4994-0061ffcfbd
x-request-id: 25faf0de-1fd5-44c1-8e72-166bdd0ac212

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
796 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap

Requested by

Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/styles.a873ec56c3a228aaf3ab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7106f89a7a707caabd7c5fe137ae3b103011e2e61db49e07003710511ff123e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 12:06:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 13:41:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 13:41:54 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
868 B 135ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/styles.a873ec56c3a228aaf3ab.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Feb 2022 13:41:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Feb 2022 13:41:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Feb 2022 13:41:54 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 124ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://redirect.sales.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:58:52 GMT
x-content-type-options: nosniff
age: 186183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:58:52 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/assinaturas/prod/ 76 KB
17 KB 102ms
59ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/assinaturas/prod/utag.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3d0f2cc962dcdcac24a1c67bda5adadbb82897db45ed22de3dbba00890551bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 17:14:44 GMT
server: AkamaiNetStorage
etag: "8bd7ea35e199267227c20767977fb575:1643908484.276608"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 16984
expires: Sun, 06 Feb 2022 13:46:55 GMT

GET
H2 200 first Show response
status.sales.globo.com/available/ 293 B
510 B 974ms
240ms XHR
application/json 201.7.182.87
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://status.sales.globo.com/available/first?from=checkoutWeb&checkWaitingRoom=true&productId=undefined
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 201.7.182.87 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: 8e2d37f68f2790fc091826ed8b6751501c5f2e3ece5818f37d68f87686482c89

Request headers

Accept: application/json, text/plain, */*
Referer: https://redirect.sales.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://redirect.sales.globo.com
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, Keep-Alive, Authorization, X-Request-Nonce

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 93 KB
28 KB 227ms
227ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:55 GMT
content-encoding: gzip
x-openstack-request-id: txd581150deea546dea5758-0061ffcfa0
last-modified: Wed, 12 May 2021 17:50:53 GMT
x-thanos: 0AB54007
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1620841852.71626
cache-control: public, max-age=180
x-trans-id: txd581150deea546dea5758-0061ffcfa0
x-request-id: 5a74c46e-d9d7-489e-bfc2-c2ec9b329c14

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 430ms
430ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:55 GMT
content-encoding: gzip
x-openstack-request-id: tx769e4110f3594f76a9409-0061ff078b
last-modified: Wed, 22 Dec 2021 23:24:10 GMT
x-thanos: 0AB54007
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1640215449.32111
cache-control: max-age=86400
x-trans-id: tx769e4110f3594f76a9409-0061ff078b
x-request-id: b0e4338e-fc97-42a3-a424-46a9bdf6eb6e

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 693ms
225ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.39.201810191500

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 607406950 ra02 05 03
age: 57
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: a2b5bd5a-4098-43bb-b32f-2d2543065a7a
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB1500D
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 06 Feb 2022 14:40:58 GMT

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 262ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 582701819 ra02 05 03
age: 556620
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: d8bd1a34-2544-4c04-844e-eba4f9f62a60
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1500D
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 07 Feb 2022 03:04:55 GMT

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 226ms
225ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
x-openstack-request-id: tx42a17ccd12f9405ead8d1-00619541cb
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB54007
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: tx42a17ccd12f9405ead8d1-00619541cb
x-request-id: acfe54a3-55fc-440e-b1bc-3478cd7780ab

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 111 KB
11 KB 696ms
228ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

5ee942933492d9eee0dbb393400f00afba90667fdd419bfc8cab5e4d167cb5b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 889489128 asra03mp05lx02ca08.globoi.com
age: 3869
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 10734
x-xss-protection: 1; mode=block
x-request-id: 1c2cb01c-fce9-4377-8bbc-c006b88b9eab
access-control-allow-origin: https://redirect.sales.globo.com
x-thanos: 0AB1D115
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 227ms
226ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
x-openstack-request-id: txf4f4294a588445f38c7da-0061ffcfaa
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB54007
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: txf4f4294a588445f38c7da-0061ffcfaa
x-request-id: 94a6b9b9-d4bb-475c-9c28-327041a2d474

GET
H2 200 utag.232.js Show response
tags.tiqcdn.com/utag/globo/assinaturas/prod/ 7 KB
3 KB 9ms
9ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/assinaturas/prod/utag.232.js?utv=ut4.39.202202031714
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f49c9faf2d3a4b9d3fa83d43e22fa1a3949450352a898967929bec87faf33171

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 15:03:27 GMT
server: AkamaiNetStorage
etag: "c7845208b6760f974d9f08b05f4df083:1640703807.441144"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2857
expires: Mon, 21 Feb 2022 13:41:56 GMT

GET
H2 200 utag.318.js Show response
tags.tiqcdn.com/utag/globo/assinaturas/prod/ 1 KB
927 B 8ms
8ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/assinaturas/prod/utag.318.js?utv=ut4.39.202102191919
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bc62b8893affa5f73f188a4cb4bdcd24ebede8ffa412727be3b9ba879ec362cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
last-modified: Tue, 21 Dec 2021 02:26:50 GMT
server: AkamaiNetStorage
etag: "8fc34f3e2d8fb4b0f9f68efa6ce9fe34:1640053610.232272"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 698
expires: Mon, 21 Feb 2022 13:41:56 GMT

GET
H2 200 rrpdr7kps.js Show response
cdn.krxd.net/controltag/ 64 KB
18 KB 39ms
8ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e68234c6007e438bf8cd985e03f7dd144bb17eb16968f86c1ce0645fea82abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 261
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17965
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kiad7000136-IAD, cache-hhn4076-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1644154916.261928,VS0,VE0
etag: "11e1c12fe3330194e4aaff0c7deed60a812dfbf6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 14ms
14ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/assinaturas/202202031714&cb=1644154916230
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Sun, 06 Feb 2022 13:51:56 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
age: 1088034
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1949175
content-length: 84509
x-served-by: cache-hhn4076-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644154916.275498,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 75E5 805 B
826 B 6ms
6ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 varnish
age: 2813096
x-served-by: cache-hhn4076-HHN
x-cache: HIT
x-cache-hits: 472999
x-timer: S1644154916.312650,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 rrpdr7kps.js Show response
cdn.krxd.net/controltag/ Frame 75E5 64 KB
18 KB 7ms
7ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e68234c6007e438bf8cd985e03f7dd144bb17eb16968f86c1ce0645fea82abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 varnish, 1.1 varnish
age: 261
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 17965
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kiad7000136-IAD, cache-hhn4076-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1644154916.341913,VS0,VE0
etag: "11e1c12fe3330194e4aaff0c7deed60a812dfbf6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 3

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 75E5 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/rrpdr7kps.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
age: 1088034
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 1949176
content-length: 84509
x-served-by: cache-hhn4076-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644154916.354430,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 235 B
431 B 48ms
31ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644154916.374128,VS0,VE25
content-length: 192
x-cache-hits: 0, 0

GET
H2 200 logo-globo.svg
redirect.sales.globo.com/assets/img/ 8 KB
8 KB 230ms
230ms Image
image/svg+xml 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.sales.globo.com/assets/img/logo-globo.svg
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/error
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: 10c32e479c084fcc3348dabf004defdd6cf851881086f4444d2b7c33f3ff5b86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "61e154e9-2005"
content-length: 8197
content-type: image/svg+xml

GET
H2 200 error.svg
redirect.sales.globo.com/assets/img/ 2 KB
2 KB 231ms
231ms Image
image/svg+xml 131.0.25.203
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.sales.globo.com/assets/img/error.svg
Requested by: Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/error
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 131.0.25.203 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 131.0.25-203.prt.globo.com
Software: nginx /
Resource Hash: 7a1c4dd36d56ef93bf28f99ee042f30855092c80baadfb720f003d5051a56e35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/error
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
last-modified: Fri, 14 Jan 2022 10:48:09 GMT
server: nginx
accept-ranges: bytes
etag: "61e154e9-818"
content-length: 2072
content-type: image/svg+xml

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame 75E5 220 B
284 B 40ms
40ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 01a00814980ce2ca61b789c11635e0e927f7eb25d4877cf9df14e2fbe062fa5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a002-dub-prod.krxd.net, cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644154916.399870,VS0,VE33
content-length: 184
x-cache-hits: 0, 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3BYbWYwZTk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1

0
337 B

28ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=67 t=1644154916
x-served-by: beacon-n024-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 06 Feb 2022 13:41:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3BYbWYwZTk
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3BYbWYwZTk&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1

0
337 B

28ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1644154916
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Sun, 06 Feb 2022 13:41:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEKwBNhc5O_MgtdU4XxeqxGI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://stags.bluekai.com/site/26357?id=OpXmf0e9&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOpXmf0e9%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OpXmf0e9&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

28ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OpXmf0e9&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1644154916
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OpXmf0e9&partner=bluekai&bk_uuid=$_BK_UUID
Date: Sun, 06 Feb 2022 13:41:56 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xZDF2JvrfpMODpYNt6o-QXhWE1zQXwAz

0
338 B

72ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xZDF2JvrfpMODpYNt6o-QXhWE1zQXwAz
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=20 t=1644154916
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xZDF2JvrfpMODpYNt6o-QXhWE1zQXwAz
date: Sun, 06 Feb 2022 13:41:55 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3830
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 75E5
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OpXmf0e9&rn=1644154916
https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OpXmf0e9&rn=1644154916

64 B
330 B

15ms
15ms

Image
image/gif

143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OpXmf0e9&rn=1644154916
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: YT7ysdGJTmdMxvxifEKro38PgDY8CoyBA-QZ2gyJ32B56ojRi3bXFQ==

Redirect headers

date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=9&c2=8188709&cs_xi=OpXmf0e9&rn=1644154916
content-length: 102
x-amz-cf-id: sCtkLr1acT03BtWhmAiOfN0icpoMD6zYHTV5ojX8bNodoBjyQCDcvw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OpXmf0e9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OpXmf0e9&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=20922500389311143104303926914968144887

0
337 B

28ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=20922500389311143104303926914968144887
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1644154916
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-irl1-2-v027-0aefd9347.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: vGO+abb5SZk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=20922500389311143104303926914968144887
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=3185518787597740735

0
337 B

97ms
29ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=3185518787597740735
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=58 t=1644154916
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Sun, 06 Feb 2022 13:41:56 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9f9e975b-a384-451c-9d67-91711877535a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=3185518787597740735
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 75E5 42 B
418 B 62ms
19ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OpXmf0e9
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Feb 2022 13:41:56 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 75E5 0
214 B 38ms
8ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 75E5
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OpXmf0e9&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

0
191 B

72ms
19ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OpXmf0e9&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OpXmf0e9&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date: Sun, 06 Feb 2022 13:41:56 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a008-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OpXmf0e9
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-J5xnlcBE2pvLwsUi.FwVZbNJslaSZk2ucQ--~A

0
337 B

28ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-J5xnlcBE2pvLwsUi.FwVZbNJslaSZk2ucQ--~A
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1644154916
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sun, 06 Feb 2022 13:41:56 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-J5xnlcBE2pvLwsUi.FwVZbNJslaSZk2ucQ--~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sync
sync.navdmp.com/ Frame 75E5
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=OpXmf0e9

6 B
206 B

188ms
156ms

Image
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=OpXmf0e9
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6d94cc85feef9000-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=OpXmf0e9
date: Sun, 06 Feb 2022 13:41:56 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 75E5
Redirect Chain

https://sync.1rx.io/usersync/krux/OpXmf0e9?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/krux/OpXmf0e9?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1644154916536
https://sync.targeting.unrulymedia.com/csync/RX-c41ce42f-4b21-4966-911d-e01352b890dd-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-c41ce42f-4b21-4...
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-c41ce42f-4b21-4966-911d-e01352b890dd-003

0
337 B

28ms
28ms

Image
text/plain

54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-c41ce42f-4b21-4966-911d-e01352b890dd-003
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1644154916
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-c41ce42f-4b21-4966-911d-e01352b890dd-003
date: Sun, 06 Feb 2022 13:41:56 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXc41ce42f4b214966911de01352b890dd003
content-type: text/html

GET getdata.xgi
r.nexac.com/e/ Frame 75E5 0
0

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 695ms
227ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://redirect.sales.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 06 Feb 2022 13:41:57 GMT
access-control-allow-origin: https://redirect.sales.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: c4735a1d-2e21-4584-996a-36c71cdeeda5
x-thanos: 0A8490A2

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
838 B 226ms
226ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 São Paulo, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 567729955 ra02 05 03
age: 556626
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: 3683381d-19f0-4d34-8218-f61057a0893b
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB1500D
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 07 Feb 2022 03:04:49 GMT

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 187 B
700 B 685ms
229ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: a724f68f1d7c545327f2db9623b2717af0698d434303b06f5b912cd8edaf2b6a

Request headers

Referer: https://redirect.sales.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:57 GMT
content-encoding: gzip
x-thanos: 0A8490A7
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://redirect.sales.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: 1ef3afb4-1a2b-48f6-aaa5-0dd02d6c8625

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/redirect/ 0
320 B 915ms
105ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/redirect/horizon-pageview?object=https%3A%2F%2Fredirect.sales.globo.com%2Ferror&Referrer=&tags=&client_version=0.3.11

Requested by

Host: redirect.sales.globo.com
URL: https://redirect.sales.globo.com/error

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:57 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

POST
H2 200 assinaturas
horizon-track.globo.com/event/ 0
323 B 392ms
109ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-track.globo.com/event/assinaturas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://redirect.sales.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4A6IyswaA5IrfbGJ

Response headers

date: Sun, 06 Feb 2022 13:41:57 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 28ms
28ms Script
text/javascript 54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 465f0d33319c1212d444b3863f809853c502b1edc5f0208e01f2d8e68dac8915

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:57 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1644154917
x-served-by: beacon-n004-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 356 B
499 B 104ms
104ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8220f3014e9c9d1d4d21d1686f130fd9c2d1084399954dc97cfac802b1384113

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Sun, 06 Feb 2022 13:41:57 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a020-ash-prod.krxd.net, cache-hhn4076-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644154917.396202,VS0,VE95
content-length: 272
x-cache-hits: 0, 0

GET
H2 200 adrum-ext.7a88a5f34b3368a060fd963640d8c56b.js Show response
cdn.appdynamics.com/ 50 KB
20 KB 8ms
8ms Script
application/javascript 143.204.98.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.7a88a5f34b3368a060fd963640d8c56b.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-112.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: ca6cf50ff961072828a0dcdd1a259262fd042a37c48113cd7be18ae8e916a8a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 20:08:22 GMT
content-encoding: gzip
age: 2223215
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 11 Dec 2019 19:04:02 GMT
server: nginx/1.16.1
etag: W/"5df13da2-c9b2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 9wEzhTsFYF0J8dLokiEl-CsfBbNfEHX73cvOTg4DLFC0DqSHTI_78A==

GET
H2 200 / Show response
usergate.globo.com/ 29 B
360 B 755ms
233ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.16.2845.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

0296e4ca1113d74ccf4b6d384c4998310a3cc8737da111686dbd431403019cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://redirect.sales.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 29ms
28ms Image
text/plain 54.76.155.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=rrpdr7kps&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Globoplay%20APPs%20e%20TVs%20Conectadas&_kcp_d=sales.globo.com&_knifr=1&_kua_kx_tz=0&geo_country=de&geo_region=nw&geo_dma=276002&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=nw&_kua_kx_geo_dma=276002&_kua_kx_whistle=0&_kpa_meta_keywordsDELIM=%2C&t_navigation_type=0&t_dns=368&t_tcp=460&t_http_request=-1&t_http_response=1&t_content_ready=1991&t_window_load=4039&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w4acquka3&userdata_user=OpXmf0e9%2Cw4acquka3&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=30153&kplt4=32767&kplt5=32768&kplt6=41929&kplt7=43900&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C36%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C25%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C105
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.155.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-155-32.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=105 t=1644154917
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cd
cd.navdmp.com/ 6 B
99 B 195ms
184ms Image
application/x-javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cd.navdmp.com/cd?prtid=13574&prtusridr=33be214efa94d89d4693909dbbb185ff0e317f76
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://redirect.sales.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 13:41:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6d94cc8c7ef19000-FRA
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: r.nexac.com
URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOpXmf0e9%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.globo.com/	1970-01-20 09:28:10	Name: utag_main Value: v_id:017ecf450aa5001fb54a019a3b3b03072002906a00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1644156716249$ses_id:1644154915493%3Bexp-session
.krxd.net/	1970-01-20 05:01:46	Name: _kuid_ Value: OpXmf0e9
.adnxs.com/	1970-01-20 02:52:10	Name: uuid2 Value: 3185518787597740735
.scorecardresearch.com/	1970-01-20 17:59:22	Name: UID Value: 162e213f6e5ba19164d902b1644154916
.criteo.com/	1970-01-20 10:04:10	Name: uid Value: c85eaddf-bb35-4004-b425-70285153cbdd
.rlcdn.com/	1970-01-20 09:28:10	Name: rlas3 Value: ZK3wtqWGDYwGtaJ/C+Ghx2I98IQ7lw2ufjgZEiFmxGM=
.rlcdn.com/	1970-01-20 02:08:58	Name: pxrc Value: CAA=
.1rx.io/	1970-01-20 09:28:10	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c41ce42f-4b21-4966-911d-e01352b890dd-003%22%7D
.demdex.net/	1970-01-20 05:01:46	Name: demdex Value: 20922500389311143104303926914968144887
.dpm.demdex.net/	1970-01-20 05:01:46	Name: dpm Value: 20922500389311143104303926914968144887
.targeting.unrulymedia.com/	1970-01-20 09:28:10	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-c41ce42f-4b21-4966-911d-e01352b890dd-003%22%7D
.doubleclick.net/	1970-01-20 10:04:10	Name: IDE Value: AHWqTUnRHdlWLbTPX9Sbon3Nx6PAaIfh6iuvAHmZnqrXNmI9Cnu9Xm4vBvqTYfclE_8
.yahoo.com/	1970-01-20 09:28:32	Name: A3 Value: d=AQABBCTQ_2ECEAnvgPrK-Tgx7zWJ591Va2A&S=AQAAAvGIOGBpLbXK9F50Hv63ulU
.globo.com/	1970-01-20 09:28:31	Name: kppid Value: 17710079219237103230178
.globo.com/	1970-01-20 00:42:36	Name: hsid Value: a788e107-3a6a-4f3b-8885-da8274d18f2b
.globo.com/	1970-01-20 09:20:48	Name: glb_uid Value: "8ZatM2nXoYAIlQVejmRM0IlfLpf-iT8lNLmzsI_D9R8="

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOpXmf0e9%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
cd.navdmp.com
cdn.appdynamics.com
cdn.krxd.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cocoon.globo.com
consumer.krxd.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
ib.adnxs.com
idsync.rlcdn.com
pixel-sync.sitescout.com
r.nexac.com
redirect.sales.globo.com
s.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
stags.bluekai.com
status.sales.globo.com
sync.1rx.io
sync.navdmp.com
sync.targeting.unrulymedia.com
tags.tiqcdn.com
token.rubiconproject.com
usergate.globo.com
usermatch.krxd.net
r.nexac.com
131.0.25.203
142.250.185.98
143.204.98.112
143.204.98.86
151.101.130.133
151.101.66.133
184.30.24.194
186.192.81.117
186.192.90.3
186.192.91.5
201.7.182.142
201.7.182.243
201.7.182.87
212.82.100.182
213.19.147.45
2606:4700::6810:cf3
2a00:1450:4001:803::2003
2a00:1450:4001:82b::200a
2a02:2638::1c
34.253.74.200
35.211.79.33
35.244.174.68
37.252.172.36
44.196.109.196
54.76.155.32
66.155.71.25
69.173.144.165
72.246.100.56
01a00814980ce2ca61b789c11635e0e927f7eb25d4877cf9df14e2fbe062fa5c
0296e4ca1113d74ccf4b6d384c4998310a3cc8737da111686dbd431403019cd9
10c32e479c084fcc3348dabf004defdd6cf851881086f4444d2b7c33f3ff5b86
192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b
1adca31e027247acc3baeef09e39866624582b65c4699e1513106dc3c5f135cf
34ef4dc5d0772c0284e0c4e0b357874b6704b102d34157c410e6f7433e103d90
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3e68234c6007e438bf8cd985e03f7dd144bb17eb16968f86c1ce0645fea82abc
465f0d33319c1212d444b3863f809853c502b1edc5f0208e01f2d8e68dac8915
5265d469ea63a0b2e9996fc6404c63886c2bae1e5f0a2014e37f6fe72247893c
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5ee942933492d9eee0dbb393400f00afba90667fdd419bfc8cab5e4d167cb5b7
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
7106f89a7a707caabd7c5fe137ae3b103011e2e61db49e07003710511ff123e6
7a1c4dd36d56ef93bf28f99ee042f30855092c80baadfb720f003d5051a56e35
8220f3014e9c9d1d4d21d1686f130fd9c2d1084399954dc97cfac802b1384113
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a13630aa0940e9dc53fc3158979518f7b9d98c1c1cb42f3b02ffda3980e01c7
8e2d37f68f2790fc091826ed8b6751501c5f2e3ece5818f37d68f87686482c89
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a724f68f1d7c545327f2db9623b2717af0698d434303b06f5b912cd8edaf2b6a
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bc62b8893affa5f73f188a4cb4bdcd24ebede8ffa412727be3b9ba879ec362cc
ca6cf50ff961072828a0dcdd1a259262fd042a37c48113cd7be18ae8e916a8a2
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0f2cc962dcdcac24a1c67bda5adadbb82897db45ed22de3dbba00890551bd
e81972f6587f2623b30a8f73706a009386fe427eb0262a28e46e1fe1276a003a
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49c9faf2d3a4b9d3fa83d43e22fa1a3949450352a898967929bec87faf33171
f4fb396f2ce38845b424ee4134d72ff400294616f16dea2d5387c1439330e9fa
fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

redirect.sales.globo.com Open in urlscan Pro 131.0.25.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

79 %HTTPS

14 %IPv6

21 Domains

32 Subdomains

21 IPs

6 Countries

574 kBTransfer

1801 kBSize

16 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

redirect.sales.globo.com Open in urlscan Pro
131.0.25.203 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

79 %
HTTPS

14 %
IPv6

21
Domains

32
Subdomains

21
IPs

6
Countries

574 kB
Transfer

1801 kB
Size

16
Cookies

57 HTTP transactions
0 data transactions