blogs.oglobo.globo.com Open in urlscan Pro
186.192.81.15 Public Scan

URL: https://g1.globo.com/
Title: g1

URL: https://globoesporte.globo.com/
Title: ge

URL: https://gshow.globo.com/
Title: gshow

URL: https://globoplay.globo.com/
Title: globoplay

URL: https://www.techtudo.com.br/
Title: tecnologia

URL: http://www.globo.com/todos-os-sites.html
Title: todos os sites

URL: https://oglobo.globo.com/
Title: Logo O Globo

URL: https://ofertasglobo.oglobo.globo.com/garc/landing_oglobo/consumidor22/index.html?campanha=sim&interno_origem=siteoglobo&interno_midia=botao&interno_campanha=og_botao_topo_semcookie_cnsmdr
Title: Assinatura

URL: https://www.facebook.com/jornaloglobo
Title: Facebook

URL: https://twitter.com/jornaloglobo
Title: Twitter

URL: https://www.instagram.com/jornaloglobo
Title: Instagram

URL: https://login.globo.com/login/3981?url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Title: Entrar

URL: https://oglobo.globo.com/politica/
Title: Política

URL: https://oglobo.globo.com/brasil/
Title: Brasil

URL: https://oglobo.globo.com/rio/
Title: Rio

URL: https://oglobo.globo.com/saude/
Title: Saúde

URL: https://oglobo.globo.com/mundo/
Title: Mundo

URL: https://oglobo.globo.com/economia/
Title: Economia

URL: https://oglobo.globo.com/cultura/
Title: Cultura

URL: https://oglobo.globo.com/esportes/
Title: Esportes

URL: https://oglobo.globo.com/boa-viagem/
Title: Viagem

URL: https://oglobo.globo.com/rio/bairros/
Title: Bairros

URL: https://oglobo.globo.com/blogs/
Title: Colunistas

URL: https://oglobo.globo.com/epoca/
Title: Época

URL: https://oglobo.globo.com/podcast/
Title: Podcast

URL: https://oglobo.globo.com/videos/
Title: Vídeos

URL: https://oglobo.globo.com/fotogalerias/
Title: Fotos

URL: https://oglobo.globo.com/infograficos/
Title: Infográficos

URL: https://oglobo.globo.com/economia/defesa-do-consumidor/
Title: Defesa do Consumidor

URL: https://oglobo.globo.com/ultimas-noticias
Title: Últimas Notícias

URL: https://oglobo.globo.com/principios-editoriais/
Title: Princípios Editoriais

URL: https://kogut.oglobo.globo.com/
Title: Logo Patrícia Kogut

URL: https://oglobo.globo.com/ela/
Title: Logo Ela

URL: https://oglobo.globo.com/rioshow/
Title: Logo Rio Show

URL: https://oglobo.globo.com/clubeoglobo/
Title: Logo Clube O Globo Sou Mais Rio

URL: https://meuoglobo.oglobo.globo.com/
Title: Logo Meu O Globo

URL: https://extra.globo.com/
Title: Logo Extra

URL: https://infoglobosites2.secure.force.com/assinante/
Title: Portal do Assinante

URL: https://acervo.oglobo.globo.com/
Title: Acervo

URL: https://oglobo.globo.com/um-so-planeta/
Title: Um Só Planeta

URL: https://jornaldigital.oglobo.globo.com/
Title: Edição Impressa

URL: https://oglobo.globo.com/newsletter/
Title: Newsletter

URL: https://oglobo.globo.com/economia/cnc-noticias/
Title: Comércio em pauta

URL: https://oglobo.globo.com/rio/tem-no-rio/
Title: Tem no Rio

URL: http://www.facebook.com/sharer/sharer.php?u=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://twitter.com/intent/tweet?url=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://plus.google.com/share?hl=en-US&url=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://twitter.com/malugaspar

URL: https://www.facebook.com/sharer/sharer.php?u=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3DFacebook%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar

URL: https://twitter.com/intent/tweet?text=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro&url=https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3DTwitter%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar

URL: https://api.whatsapp.com/send?text=Blog%20Malu%20Gaspar:%20Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html

URL: https://www.immobilienscout24.de/lp/kostenlose-immobilienbewertung-v1/?utm_source=taboola&utm_medium=display&utm_campaign=de_rle_pros_leads_b_region_desk_15314614&utm_term=editoraglobo-oglobo_1212310&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe220f44369da833a29fe94fdf95b5529.jpg&tblci=GiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDh50Mo6Z7qs5Cs-t1j#tblciGiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDh50Mo6Z7qs5Cs-t1j
Title: ImmoScout24

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

URL: https://oglobo.globo.com/politica/doria-se-reune-com-parlamentares-do-cidadania-em-brasilia-25424523
Title: Doria se reúne com parlamentares do Cidadania em Brasília

URL: https://oglobo.globo.com/politica/corretora-diz-que-lewandowski-nao-fez-proposta-por-imovel-de-abraham-weintraub-25424306
Title: Corretora diz que Lewandowski não fez proposta por imóvel de Abraham Weintraub

URL: https://oglobo.globo.com/politica/eu-dirijo-nacao-para-lado-que-os-senhores-desejarem-diz-bolsonaro-pastores-2-25424267
Title: 'Eu dirijo a nação para o lado que os senhores desejarem', diz Bolsonaro a pastores

URL: https://oglobo.globo.com/politica/em-carta-deputados-arthur-do-val-diz-que-punicao-por-fala-sexista-justa-mas-cassacao-de-mandato-excessiva-25424177
Title: Em carta a deputados, Arthur do Val diz que punição por fala sexista é justa, mas cassação de mandato é 'excessiva'

URL: https://oglobo.globo.com/politica/nunca-afirmei-uma-candidatura-presidencia-diz-rodrigo-pacheco-25424109
Title: 'Nunca afirmei uma candidatura à Presidência', diz Rodrigo Pacheco

URL: https://oglobo.globo.com/politica/moro-sugere-renata-abreu-como-candidata-do-podemos-ao-governo-de-sp-1-25424073
Title: Moro sugere Renata Abreu como candidata do Podemos ao governo de SP

URL: https://oglobo.globo.com/politica/bolsonaro-cancela-encontro-com-paes-vai-se-reunir-com-aliado-de-castro-na-baixada-fluminense-25424079
Title: Bolsonaro cancela encontro com Paes e vai se reunir com aliado de Castro na Baixada Fluminense

URL: https://oglobo.globo.com/politica/podemos-aceita-desfiliacao-de-arthur-do-val-25423925
Title: Podemos aceita desfiliação de Arthur do Val

URL: https://oglobo.globo.com/politica/alesp-sem-decoro-caso-arthur-do-val-mordida-transfobia-assedio-sexual-ate-xingamento-ao-papa-25423843
Title: Alesp sem decoro: caso Arthur do Val, mordida, transfobia, assédio sexual e até xingamento ao Papa

URL: https://oglobo.globo.com/politica/relembre-declaracoes-com-ofensas-as-mulheres-feitas-pelo-presidente-a-familia-bolsonaro-25423642
Title: Relembre declarações com ofensas às mulheres feitas pelo presidente e a família Bolsonaro

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbnails-b:Below%20Page%20|%20Card%201:
Title: por Taboola

URL: https://www.immobilienscout24.de/lp/kostenlose-immobilienbewertung-v1/?utm_source=taboola&utm_medium=display&utm_campaign=de_rle_pros_leads_b_region_desk_15314614&utm_term=editoraglobo-oglobo_1212310&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe220f44369da833a29fe94fdf95b5529.jpg&tblci=GiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDh50Mo_s3_4YH7j72nAQ#tblciGiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDh50Mo_s3_4YH7j72nAQ
Title: ImmoScout24

URL: https://cloud.ionos.de/reports/techconsult-gaia-x-studie-2021?utm_source=taboola&utm_medium=native-advertising&utm_campaign=ION-DEU-TAB-SRV_ECL-CON-GAIAX-Desktop&ac=OM.PU.PUo55K421694T7073a#tblciGiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDoykQon5qJi9ihyttP
Title: IONOS Cloud

URL: https://om.elvenar.com/ox/de/?ref=tab_de_dach&&external_param=3136830979&pid=editoraglobo-oglobo&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd1bd234f79aff3761354e15a013cd43b.jpeg&tblci=GiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiCPyT8o4JXv4a3v2o7EAQ#tblciGiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiCPyT8o4JXv4a3v2o7EAQ
Title: Elvenar - Free Online Game

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de_videonew&external_param=3041621798&pid=editoraglobo-oglobo&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F34ae3d8438b9f0684092dd84dd25fdb9.jpeg&tblci=GiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDJqD8ok5H5tbrToehb#tblciGiBQNMrlNJLV_Xy6kXm96akLprK767eflLSIorwKjODJuiDJqD8ok5H5tbrToehb
Title: Forge Of Empires

URL: https://privacidade.globo.com/privacy-policy/
Title: Política de Privacidade

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

URL: http://www.gda.com/
Title: Logo GDA

URL: http://www.agenciaoglobo.com.br/
Title: Agência O Globo

URL: https://oglobo.globo.com/fale-conosco/
Title: Fale conosco

URL: https://oglobo.globo.com/expediente/
Title: Expediente

URL: https://www.publicidadeeditoraglobo.com.br/
Title: Anuncie conosco

URL: https://www.vagas.com.br/editoraglobo
Title: Trabalhe conosco

URL: https://www.globo.com/privacidade.html
Title: Política de privacidade

URL: https://oglobo.globo.com/termos-de-uso/
Title: Termos de uso

URL: https://ofertasglobo.oglobo.globo.com/garc/landing_oglobo/consumidor22/index.html?campanha=sim&interno_origem=siteoglobo&interno_midia=display&interno_campanha=og_footer_semcookie_cnsmdr

186-192-81-15.prt.globo.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.assinanteoglobo.com.br/?qs=fac62467e248101972ff2327872ae5b4eae02cf409a6163063aabd0959fd38325b64f7d66df9571ba718a4bd90eaf90e1228f70d2c6098b4 HTTP 302
https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://open.spotify.com/embed/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator HTTP 302
https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator

Request Chain 75

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 149

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 150

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1646790363592&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790363592&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=

Request Chain 184

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3ROQ19GVVk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3ROQ19GVVk HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1

Request Chain 186

https://stags.bluekai.com/site/26357?id=OtNC_FUY&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOtNC_FUY%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OtNC_FUY&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 187

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pivlZM4KQ9xa2sdSxENV9TfCSaSA7Sol

Request Chain 189

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OtNC_FUY&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OtNC_FUY&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=91526911195145998380377231758405803155

Request Chain 190

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=4405819583841532178

Request Chain 191

https://ib.adnxs.com/mapuid?member_id=1780&user=OtNC_FUY HTTP 307
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNC_FUY

Request Chain 193

https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGP0F-M-IZAT&gdpr=0

Request Chain 194

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNC_FUY&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

Request Chain 195

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OtNC_FUY HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-UXVccslE2ptoVhdke2uLLUm0ARiJlMYmAw--~A

Request Chain 196

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=OtNC_FUY

Request Chain 197

https://sync.1rx.io/usersync/krux/OtNC_FUY?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/krux/OtNC_FUY?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1646790363978 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003

Request Chain 326

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 342

https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;sz=1x1;ord=2022-03-09+01%3A46%3A05;dc_ref=blogs.oglobo.globo.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;dc_pre=CNKM_JX0t_YCFRfRuwgdI_gK8w;sz=1x1;ord=2022-03-09+01%3A46%3A05;dc_ref=blogs.oglobo.globo.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
https://d.agkn.com/pixel/10690/?che=3894422761&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=

Request Chain 369

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1&C=1

Request Chain 370

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YigG3aXQ9Ufp9jpYhTVi-wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1

Request Chain 371

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIxgKvjWN5C2wFqyxUVicMY&google_cver=1

Request Chain 372

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyNDYyNjQ1MjMzOTQ2Mjk2NQ%3D%3D

Request Chain 380

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFzcRHWo-i6e5plIRaqgJj4&google_cver=1&google_push=AYg5qPLcuTvi6uJrp-dUWzaqpolx_QU823Jij1G0f4o0Q-Ff9DBmtspKHvhwRj_imUYn7Rw6QWNA0LFr0U_TpMJmJQ63uvHqmUicmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjczMDg1NDEzOTYyMTc5NDA2Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzcRHWo-i6e5plIRaqgJj4&google_cver=1

Request Chain 381

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBEUaEvJJnQnerwnknjYfcs&google_cver=1&google_push=AYg5qPJ8BICiFOEl6dUEW0_LzJzYZjVVat49Ykt8B7YYfBw0ipxWW5Ql05OCmk3kbfBRpPW4MhYfLtjn4Uu7h2qbIgiYRGjEoDkTSQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ8BICiFOEl6dUEW0_LzJzYZjVVat49Ykt8B7YYfBw0ipxWW5Ql05OCmk3kbfBRpPW4MhYfLtjn4Uu7h2qbIgiYRGjEoDkTSQ

Request Chain 382

https://um.simpli.fi/gp_match?google_gid=CAESEIc-PNY68xYtFbFl-c7cz38&google_cver=1&google_push=AYg5qPJIiDxtSK6XxB5hy1mP03zZaIrPblIvpwvmuMHbRdX2rQDkY4hFyh4bIWGULN4ZhekAt483xAn9a06VQmVGGdIA0xSSLksQsw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84D48D36C31D4139A6D81F4266D35C01&google_push=AYg5qPJIiDxtSK6XxB5hy1mP03zZaIrPblIvpwvmuMHbRdX2rQDkY4hFyh4bIWGULN4ZhekAt483xAn9a06VQmVGGdIA0xSSLksQsw

Request Chain 384

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPWjNdkghN0yn4nDeCemfV8&google_cver=1&google_push=AYg5qPLlm8F-UaWE1B98daAWx54vh6bvw4toImbhumvJOANALK5dSBopf8F4Bd6n_ltC0lOalZpKPAIrUsbk946bkgnm4RipkaNCMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLlm8F-UaWE1B98daAWx54vh6bvw4toImbhumvJOANALK5dSBopf8F4Bd6n_ltC0lOalZpKPAIrUsbk946bkgnm4RipkaNCMA&google_hm=NTg2MTUyMDUxNzgyNzQzNjIy

Request Chain 385

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPr9jEzQ_CLyvhqmuU50mo0&google_cver=1&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPySuk0IqTl_TQfTuE4R19U5Q HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPr9jEzQ_CLyvhqmuU50mo0&google_cver=1&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPySuk0IqTl_TQfTuE4R19U5Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5MzA5NzAwMDkwMDE4NTk2&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPySuk0IqTl_TQfTuE4R19U5Q

Request Chain 386

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOHhPdZavAF16dbvypSFeyI&google_cver=1&google_push=AYg5qPLBGTbuX-WVdfDDoYSIc5Qo9IOJM3x_loZGgmJ4yTbFZaTWV5FxCubdWI8yYdWt0GNq-Tk8vEqdZ909qGx0GsnNeb5Jcwhfow HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLBGTbuX-WVdfDDoYSIc5Qo9IOJM3x_loZGgmJ4yTbFZaTWV5FxCubdWI8yYdWt0GNq-Tk8vEqdZ909qGx0GsnNeb5Jcwhfow%26google_hm%3DA_fcungue0cNjQWJfJDRy9U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLBGTbuX-WVdfDDoYSIc5Qo9IOJM3x_loZGgmJ4yTbFZaTWV5FxCubdWI8yYdWt0GNq-Tk8vEqdZ909qGx0GsnNeb5Jcwhfow&google_hm=A_fcungue0cNjQWJfJDRy9U

Request Chain 390

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine___330033534&atb_dpuid=di_&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 404

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=af34a27d-9f4a-11ec-9283-13b80d860106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

Request Chain 408

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=af34beaf-9f4a-11ec-bf7c-1bf9ad920106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

Request Chain 410

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A

Request Chain 413

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=af369f6b-9f4a-11ec-a9a1-107c10e90306 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

Request Chain 415

https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A

Request Chain 418

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=af37c83f-9f4a-11ec-8eeb-1d03a5b20106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

Request Chain 435

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 441

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 466

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 467

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTNlOTZlY2MxNzY1MTUxOGEyYjQ5ZDgyZjI5ZjZhMWVhNmFmNzQ0Ng&gdpr=1&us_privacy=1---

Request Chain 468

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dQMEYtTS1JWkFU&gdpr=1&us_privacy=1---

Request Chain 469

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 470

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGP0F-M-IZAT&gdpr=1&us_privacy=1---

Request Chain 471

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/e-uFMhtzeoQMg94GOHuqoA?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=586152051782743622

Request Chain 545

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ab86228-06dd-4400-87b6-fb86c8bc6cd1&gdpr=0&gdpr_consent=

Request Chain 546

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5594663948572994553

Request Chain 547

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 548

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072910782518261901

Request Chain 549

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WmhsUPOFRSKoxP4e6PbIjA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 550

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ab86228-06dd-4400-87b6-fb86c8bc6cd1

Request Chain 551

https://pixel.onaudience.com/?partner=214&mapped=5A686C50-F385-4522-A8C4-FE1EE8F6C88C HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=250813e726cfafe233be3774ee01a3c2&gdpr= HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=dca83e11a91560c6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fd83f6e2-eda6-4b96-7f99-6e115b03261f&reqId=a79e1e6d-fa59-42e7-723c-9ea866056837&zcluid=dca83e11a91560c6&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEDYkxMCtWVXUHc_FNtMxG2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fd83f6e2-eda6-4b96-7f99-6e115b03261f&reqId=a79e1e6d-fa59-42e7-723c-9ea866056837&zcluid=dca83e11a91560c6&zdid=1332

Request Chain 552

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUE2ODZDNTAtRjM4NS00NTIyLUE4QzQtRkUxRUU4RjZDODhD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 553

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEiA_8mEjfPuH05eAsCz-p0&google_cver=1

Request Chain 555

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=479309700090018596

Request Chain 556

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76d388c0-c5d9-40f4-be78-96af4a2bb761

Request Chain 557

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3724626452339462965&gdpr=0&gdpr_consent=

Request Chain 576

https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=blogs.oglobo.globo.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=NrnkS3xQa2JqMTZ1d3E5UlJ5c25LKzB4Z2N4N2VwdXl5NHg2b1FmSUFHSlZPZmE2UUdSY3FiNytWL3owM2lkbFBERDFmMFp5RTA0UGwvSEY3VTA5RDNvd1p5SkhKNWhpVVAreU4wSG9uZzBNM1JvNGlZT3Q3UGJmcUVTaW1uVmNPdm1DeU1TMFdzVEF1aVJPTU1mUC9kTjE3Kzd5TzRDZXBJYkZ0WXNQdHU5ZmpVVGJlTTRZT05GZTNUQUZqdHQra3puajk2eFRVQWV2UEowdTBhcG1EUkJWVDREeUc5QTl0a0wza2RxZnJvaFJsZXFEZTVoMG5nRFVZalpCVWpxNzdBTzhEVzJTNzZKbmptNGorK1Irbmc4RGN2dz09fA&cppv=2

Request Chain 592

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5A686C50-F385-4522-A8C4-FE1EE8F6C88C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-KK5CBehE2uUYK_WanOp6tDhaIf.MVWk-~A&gdpr=0&gdpr_consent=

Request Chain 593

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 594

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2730854139621794066&gdpr=0&gdpr_consent=&us_privacy=

596 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html Show response
blogs.oglobo.globo.com/malu-gaspar/post/
Redirect Chain

http://click.assinanteoglobo.com.br/?qs=fac62467e248101972ff2327872ae5b4eae02cf409a6163063aabd0959fd38325b64f7d66df9571ba718a4bd90eaf90e1228f70d2c6098b4
https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

153 KB
43 KB

1105ms
246ms

Document
text/html

186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6434ee52acb8e3d22e29cc89d1de2a157330dd464a5007502d192c920b7e31b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 09 Mar 2022 01:45:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
expires: Wed, 09 Mar 2022 01:46:58 GMT
cache-control: max-age=60
x-frame-options: SAMEORIGIN
content-encoding: gzip
age: 0
x-bip: 673798736 ra03 11 14
via: 2.0 CachOS
accept-ranges: bytes
x-request-id: 21c752ae-8146-4e58-9a82-27c16f108b68
x-thanos: 0AB1D026

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
X-Cnection: close
Content-Length: 305
Expires: Wed, 09 Mar 2022 01:45:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 09 Mar 2022 01:45:57 GMT
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
93 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 01:46:20 GMT
x-content-type-options: nosniff
age: 518378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 01:46:20 GMT

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 37 KB
14 KB 700ms
234ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 518401554 ra11 03 08
age: 3523
content-length: 13484
x-xss-protection: 1; mode=block
x-request-id: 5c5e5724-880b-4518-b8ad-dbd158eb734d
last-modified: Thu, 04 Nov 2021 17:23:50 GMT
x-thanos: 0AB5D032
etag: W/"61841726-9496"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:47:15 GMT

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 887ms
431ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:59 GMT
content-encoding: gzip
x-openstack-request-id: tx98c454e6a4514f10834d7-006227baf6
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1614187079.15655
cache-control: public, max-age=86400
x-trans-id: tx98c454e6a4514f10834d7-006227baf6
x-request-id: a1381e39-9047-46b0-8619-22e7d8974fb1

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 888ms
431ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:59 GMT
content-encoding: gzip
x-openstack-request-id: txd5b4b0f79782465aabad3-006227baf5
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1614187079.14110
cache-control: public, max-age=86400
x-trans-id: txd5b4b0f79782465aabad3-006227baf5
x-request-id: f7498714-be36-4f10-b00b-e655bc6ce25a

GET
H/1.1 200
OK tiny.js Show response
static.infoglobo.com.br/paywall/js/ 211 KB
44 KB 926ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 87f4764f17ad0c8412030149ce610a59676a61a96ca5144e907f85ad688b19a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:20:53 GMT
Content-Encoding: gzip
Age: 1509
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 44284
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a06565f4-34af2-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 8609

GET
H2 200 contadorDeAcessos.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/paywall/ 9 KB
3 KB 1212ms
246ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/paywall/contadorDeAcessos.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

38940e363338f26853ceffa226701e8d5384881d5d87c6592571eae5c7a70c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1035160625 ra09 20 04
age: 0
x-xss-protection: 1; mode=block
x-request-id: 7755bdee-75f0-4a40-842f-504d38d35148
last-modified: Tue, 08 Mar 2022 13:37:14 GMT
x-thanos: 0AB4D013
etag: W/"62275c0a-244a"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:50:59 GMT

GET
H2 200 jquery.cookie.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.0/ 2 KB
2 KB 47ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.0/jquery.cookie.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0457619e889bb98d0956ad96f21be1ca143f509d9110a91ed9f6ecf5f6eff71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10656705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 790
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jaICSashRQKC6RG1imua0bfMVAjkqfge7UlLLX3awjSurdaxmH%2BJLJIta2UobIltosZeqHLhuUmIWuLg3tQ0pHJs0Nj3%2BLFKbuhx2tXy8yPFfXsvz9VdGpb%2B8mhAsnjf6%2FPx9rzUyc4YEEyCOgRLaBVe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e90225f3bca0200-ZRH
expires: Mon, 27 Feb 2023 01:45:58 GMT

GET
H2 200 gtm_utils.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 3 KB
2 KB 1415ms
449ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/gtm_utils.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d6179b15e275f1930d1c77b0ec2dbdeda42aeeb0e17eda9b1ee044f903a3c7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1060626475 ra09 20 04
age: 0
content-length: 1207
x-xss-protection: 1; mode=block
x-request-id: cc1ecec2-6401-462d-83e5-c053cec04067
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-d3f"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:50:59 GMT

GET
H/1.1 200
OK oglobo-header.css
oglobo.globo.com/styles/ 21 KB
5 KB 920ms
228ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/oglobo-header.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

38361b977916afb5f09c1f2157db6c842f5db6d306d5e40284c5caa6ce6094fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 15:15:17 GMT
Content-Encoding: gzip
Age: 1074642
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 4046
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:44:54 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0104a02-52ce-5d7fd22cb4d80"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 113610

GET
H/1.1 200
OK oglobo-header.js Show response
oglobo.globo.com/1/scripts/ 4 KB
2 KB 230ms
229ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/oglobo-header.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f3355d125a40e2768830335c83f9291cd2295b30024933c846dd4f6ffc696503

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 15:15:15 GMT
Content-Encoding: gzip
Age: 1074645
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 1163
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:42:44 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a04be41d-fa4-5d7fd1b0ba900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 66730

GET
H2 200 advertising.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/ 3 KB
1 KB 226ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/advertising.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

83af4fd59e9a2f531978f17f7b434836faa02c757f1f4fd5b3aff2c15a639695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1056203902 ra09 20 04
age: 175
content-length: 905
x-xss-protection: 1; mode=block
x-request-id: d9ca1c12-28d9-4d07-bb5e-e60f5f8af8ba
last-modified: Tue, 08 Mar 2022 13:37:14 GMT
x-thanos: 0AB4D013
etag: W/"62275c0a-acd"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:48:06 GMT

GET
H2 200 a.jpg
s2.glbimg.com/GokOpUWTEB4VNkn78ulDsjnTNkE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2020/09/25/ 12 KB
12 KB 719ms
247ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/GokOpUWTEB4VNkn78ulDsjnTNkE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2020/09/25/a.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: af1b9ba5837527e5eba58c0f7b2b294bc0f2eb632048b2d4a8c552d39f8299d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
via: 2.0 CachOS
x-bip: 137040784 ra09 20 10
age: 0
etag: "8c64c47d33f995949b27efe99ab93ebad0248f0a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 12174
x-request-id: 35a9266e-8ebf-474b-a030-67916b61b9c5
expires: Fri, 08 Apr 2022 01:46:02 GMT

GET
H2 200 whatsapp_image_2022-03-03_at_13.10.08.jpeg
s2.glbimg.com/wYJIFM6039s_PJAoxLcy33h6rtk=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/03/ 16 KB
17 KB 959ms
487ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/wYJIFM6039s_PJAoxLcy33h6rtk=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/03/whatsapp_image_2022-03-03_at_13.10.08.jpeg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 7ef8ca5746a1afaef186269e7615b4b7873e12e44c5afe7b23a35703501ebb3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
via: 2.0 CachOS
x-bip: 138643318 ra09 20 10
age: 0
etag: "3e710b08caa0800ac0249650576d625f0090b9ac"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 16564
x-request-id: 109f89f2-e93c-4512-81aa-3b5593eef0b1
expires: Fri, 08 Apr 2022 01:46:02 GMT

GET
H2 200 comment-widget.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/ 231 KB
85 KB 228ms
226ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/comment-widget.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9e01b976b7f5816aa7b3c8fed296556636ff49db3550debb7d96b4d9576f45a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-openstack-request-id: txa320d4cc3ac54de4becbe-0061f1acfe
last-modified: Wed, 09 Sep 2020 12:15:32 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1599653112.000000
x-timestamp: 1599653731.08521
cache-control: public, max-age=7776000
content-type: application/javascript
x-trans-id: txa320d4cc3ac54de4becbe-0061f1acfe
x-request-id: 12988310-c46f-4e51-9822-b6b37746aefb

GET
H2 200 read-too.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 2 KB
1 KB 233ms
233ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/read-too.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

18765da68fc25d0a5b50b9983466d6ad6e5f87d49865337bb8b241820e68f2cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063397302 ra09 20 04
age: 298
content-length: 715
x-xss-protection: 1; mode=block
x-request-id: 8293e964-ec34-41da-a195-eaed2809b3ce
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-764"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:02 GMT

GET
H2 200 carousel-oglobo.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 8 KB
3 KB 226ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/carousel-oglobo.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

965f794992207e65a370768510a64b8d387a590c12cbe0f893452440e863b45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1056203903 ra09 20 04
age: 298
content-length: 2604
x-xss-protection: 1; mode=block
x-request-id: e4353795-0fb2-42cc-a39c-f2d4097bef95
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-20c9"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H/1.1 200
OK oglobo-footer.js Show response
oglobo.globo.com/1/scripts/ 3 KB
2 KB 463ms
233ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/oglobo-footer.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1bdd1864731bd92a02ecef0e293d581de9422838338d659c591d74814ecb21f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 15:15:19 GMT
Content-Encoding: gzip
Age: 1074643
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 845
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:42:44 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a051deba-a3e-5d7fd1b0ba900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 66137

GET
H2 200 iframe_wrapper.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 615 B
701 B 228ms
228ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/iframe_wrapper.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

83d5ada38cfff8645213b90228afa64c0cb7f47c57b144ed1c8e28e9f204c3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063397304 ra09 20 04
age: 296
content-length: 287
x-xss-protection: 1; mode=block
x-request-id: 23fbd296-04fd-4f91-a9f0-6c53ff14ade0
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-267"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 159ms
36ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CEC) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 710
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CEC)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 froogaloop2.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/ 2 KB
1 KB 224ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/froogaloop2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

be8b51ffb37d864a2ba662d9de815277a243daac644b4f911cb648908c356a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1057252770 ra09 20 04
age: 296
content-length: 748
x-xss-protection: 1; mode=block
x-request-id: 621c67a0-a17f-4ede-bdc9-30e46ab35a63
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-605"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 glbVideosBox.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/ 12 KB
5 KB 227ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/glbVideosBox.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

8b82fda809fc2f47f3da083ded89972d3f87f4f81002327d56a0de29c7033b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063068888 ra09 20 04
age: 296
content-length: 4233
x-xss-protection: 1; mode=block
x-request-id: f005f496-045d-4fc8-a6d9-8ace9e8652ca
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-3032"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 glbVideosBox.css
i.glbimg.com/og/ig/infoglobo1/static/widgets/css/box_videos/ 3 KB
2 KB 224ms
224ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/css/box_videos/glbVideosBox.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

4ad22ce680fcf13523048c47590c38aaf156a6b12c4c067fdec0423da551eb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063068889 ra09 20 04
age: 296
content-length: 1150
x-xss-protection: 1; mode=block
x-request-id: 3f8b4efa-6efa-4c94-a7ce-62a11d1710ac
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-db9"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 instafeed.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 6 KB
3 KB 227ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/instafeed.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6565dcce8b48f2d1b28e6a0c3c8e774430eb648873c29fd7e6169cb8fabc1697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1062970001 ra09 20 04
age: 296
content-length: 2255
x-xss-protection: 1; mode=block
x-request-id: 5348466c-04ab-45e9-9cf9-5c001bab30b4
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-1843"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 modernizr.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 11 KB
5 KB 227ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/modernizr.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

daf4e71749c1a66c6dbf7fcbf3e0f58154b212aaf499dbf290f740a57f1c5f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1062970002 ra09 20 04
age: 296
content-length: 4982
x-xss-protection: 1; mode=block
x-request-id: 83139af2-6abe-40a1-8425-1ccfe53aa0d0
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-2bfc"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 scripts.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 7 KB
3 KB 225ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/scripts.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

bb86167c7e059811c8d81abab96888c31270725e6c853d8627707aad79a477da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 471512813 ra09 20 04
age: 297
content-length: 2438
x-xss-protection: 1; mode=block
x-request-id: f35c4161-853c-49ee-8d15-5737c376276a
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-1ce8"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 advertising.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 3 KB
1 KB 226ms
226ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/advertising.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6904824ca3d73b24a9f42562d3ffc0c5c5b5215f7070f07a46de38f4bde7a431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1035264301 ra09 20 04
age: 234
content-length: 1086
x-xss-protection: 1; mode=block
x-request-id: 3b4eb778-63e4-4a5b-92b9-7b757d6e3c50
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-bcb"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:47:07 GMT

GET
H2 200 lazyload-pics.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
998 B 226ms
226ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/lazyload-pics.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2855bde15b744f89d54f309df7cdeb9623e612a0b6c3ad1d4f4871bf800b62b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 471512819 ra09 20 04
age: 297
content-length: 585
x-xss-protection: 1; mode=block
x-request-id: 4212fa2c-6324-44d6-add4-1ca0de990473
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-5d3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 popup-menu.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
758 B 225ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/popup-menu.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a7238920c10d0793c6ae08536b413cab8ed0a38e67e5b37e136b9cfaf3f98ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1035264298 ra09 20 04
age: 297
content-length: 344
x-xss-protection: 1; mode=block
x-request-id: 3caa35bc-9691-4edb-bc98-bd4a2615a178
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-407"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 social-share.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 2 KB
1 KB 225ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/social-share.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

4cc032573bae338501e8313c028ce05b979c93b2370d3bdbf3a35eb59eb6c9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1035264299 ra09 20 04
age: 286
content-length: 676
x-xss-protection: 1; mode=block
x-request-id: 19d49862-d8cf-445f-8260-09353643983c
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-78f"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:15 GMT

GET
H2 200 clipboard-email.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
1014 B 226ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/clipboard-email.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

cc89a2874cb232f34cec4cbe24fcb9ec4d046edecf739cbd448d23958217cb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1035264300 ra09 20 04
age: 286
content-length: 600
x-xss-protection: 1; mode=block
x-request-id: 79d41e6b-2ffb-42d2-885d-382761acdb0f
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-572"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:15 GMT

GET
H2 200 header-more-than-10.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 309 B
624 B 226ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/header-more-than-10.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6b14236bbf1fa5f3b3c4ad5fc7709e1f220e8355886a60a6b5908fa90254bbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1056203901 ra09 20 04
age: 286
content-length: 209
x-xss-protection: 1; mode=block
x-request-id: 98f65b63-10d0-40eb-9493-942589389532
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-135"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:15 GMT

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 458ms
458ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-openstack-request-id: txbc8c2a3b8b9448c0a7284-0062280661
last-modified: Fri, 04 Mar 2022 16:44:48 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1646412287.20375
cache-control: public, max-age=180
x-trans-id: txbc8c2a3b8b9448c0a7284-0062280661
x-request-id: 376ed272-cc74-479f-8474-40242ed84407

GET
H2 200 sticky-fullbanner.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 6 KB
2 KB 417ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/sticky-fullbanner.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

3fa98539b048ed8be50c16179bf796ec57cbc7721fee317bdb21e8519a157487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:45:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1057252762 ra09 20 04
age: 299
content-length: 2133
x-xss-protection: 1; mode=block
x-request-id: 8d2cbba6-01cc-4414-b37f-f19896db5b55
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-17a3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:00 GMT

GET
H2 200 cycle2.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 23 KB
8 KB 228ms
228ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/cycle2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f442b7ee7eddcc4dbea9173e4286180f880016a912175834a7904c6b9fb66d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1035631076 ra09 20 04
age: 299
content-length: 8155
x-xss-protection: 1; mode=block
x-request-id: 47bb6bdc-d1c3-42b2-a191-54326624f09b
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-5a0a"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:00 GMT

GET
H2 200 cycle2.swipe.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 1 KB
955 B 227ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/cycle2.swipe.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

98a154949f988eb6ba60269500c8a4557b47d0f52a4f45cc5c82eaa04ca0945a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063397305 ra09 20 04
age: 92
content-length: 542
x-xss-protection: 1; mode=block
x-request-id: a0fcc473-6044-488f-8601-a266023bb45d
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-4fd"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:49:27 GMT

GET
H2 200 detect-private-browsing.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/ 3 KB
1 KB 235ms
235ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/detect-private-browsing.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

820cd1061ff66e21080de6746083e199cddb639b2070f7713b95f7aa8ea43c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1057252771 ra09 20 04
age: 0
content-length: 846
x-xss-protection: 1; mode=block
x-request-id: abbe856a-e83a-421d-ac23-e06f58a17360
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-a1b"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:00 GMT

GET
H2 200 auto-resize-media.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 1 KB
986 B 225ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/auto-resize-media.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2a0b922d729ee8d6c57e9a1ca8edec7f0da91610c3be49e045f3e19b51e74f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063068890 ra09 20 04
age: 26
content-length: 573
x-xss-protection: 1; mode=block
x-request-id: a7d31ce6-90de-4637-8b1e-cc29178139df
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-4f3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:50:34 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 685ms
226ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d1de187546e564a61ba6a5a86a44a6212ebac1e93e0e5e6980e1d300bdeba36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 326029210 ra03 11 07
age: 463648
content-length: 5096
x-xss-protection: 1; mode=block
x-request-id: c3562a2c-5249-49a1-97ba-a6afa2b38d9d
last-modified: Thu, 03 Mar 2022 15:23:31 GMT
x-thanos: 0AB1D016
etag: W/"6220dd73-588f"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 16:58:33 GMT

GET
H/1.1 200
OK advertisement.js Show response
ogjs.infoglobo.com.br/1462389483/js/ 54 B
493 B 906ms
225ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/1462389483/js/advertisement.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

aad4dd2e4a2cad3ffc9de8feca664b6ab4712fe65746c912191c2cb544b35b49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 16:28:29 GMT
Age: 1761451
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 54
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
ETag: "a05b6a27-36-5d5766b9f1c00"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 595803

GET
H2 200 home.css
i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/ 49 KB
11 KB 234ms
234ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

3bbf6a0a03aa7b5c5fa5d4db224503f9578dafa7de54b0682f650c1b2e0aa129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 471512820 ra09 20 04
age: 0
x-xss-protection: 1; mode=block
x-request-id: 7aed4e7d-3af2-44fc-ba21-969b72967301
last-modified: Tue, 08 Mar 2022 13:37:17 GMT
x-thanos: 0AB4D013
etag: W/"62275c0d-c3ae"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:02 GMT

GET
H2 200 mais-blogs.css
i.glbimg.com/og/ig/infoglobo1/static/widgets/css/ 580 B
678 B 228ms
228ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/css/mais-blogs.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

c4ba9c3b4b570311f0aa547c37d279e5b2aa456cba0721f0b6456ec38d61b3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1059672167 ra09 20 04
age: 151
content-length: 276
x-xss-protection: 1; mode=block
x-request-id: 250873cd-d54d-43cc-830b-1863c9c721d0
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-244"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:48:31 GMT

GET selected-alternatives
globo-ab.globo.com/v2/ 0
0

GET
H2 200 mais-blogs.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/ 2 KB
1 KB 228ms
228ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/mais-blogs.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a56a3653f34e27cf4fa8dbe6d066fd075f7285a756440c18237972e0bc6f7695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1059672174 ra09 20 04
age: 151
content-length: 766
x-xss-protection: 1; mode=block
x-request-id: c7f4c1c0-827b-4dab-80ab-83c4e5bf1d76
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D013
etag: W/"62275c0b-757"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:48:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
74 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

631024090aaed540bc78e498040ff4ab08d4f69cdf75e5c097245ccf52ab7bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75593
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 00:22:23 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Mar 2022 01:46:02 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 131 KB
28 KB 33ms
11ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4dd4c70ae62d71f14dc1176521ccdb5a90f6d52727afef664975f0c570187d0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 15:04:42 GMT
server: AkamaiNetStorage
etag: "90cad5caab2071f870ac9f0d994d5049:1646406282.757994"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 28120
expires: Wed, 09 Mar 2022 01:51:02 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25cebee473930d79a643e3aad868d544ae537866a916ed85d7211e5e15429403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: wXFpw0vPn7nYwuT89EMIgA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Mar 2022 01:58:15 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 27CPglx92jJ0CEfUXez3gaKl82ObFKs5tXjwrtTaHUwvIZVkhZK7EsJooqSnffeWK6tjrFCcM7hi6qbLuZde9w==
x-fb-trip-id: 686109401
x-fb-content-md5: 3255ce9ed83caa60898c4b28542c2d0f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Mar 2022 01:46:02 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "f523efaecd2606a579358ff3073465a3"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK header.html Show response
oglobo.globo.com/ 91 KB
33 KB 900ms
225ms XHR
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/header.html?cache=true

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-header.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

05af8881e716fb64dc6a8f0e821a91492a53f451133b46e3835829f77d409385

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 22:25:56 GMT
Content-Encoding: gzip
Age: 12006
grace: none
X-Cache: HIT
X-Cache-Hits: 2264
Strict-Transport-Security: max-age=15768000
Content-Length: 33083
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: public, max-age=14400
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 08 Mar 2022 22:27:42 GMT

GET
H2 200 close.png
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/ 1 KB
1 KB 234ms
233ms Image
image/png 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/close.png

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

46b5e251620a83a6e7b8bd777226f41f87f41cab1b11291db3d872cd93d78ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 471512846 ra09 20 04
age: 0
content-length: 1036
x-xss-protection: 1; mode=block
x-request-id: 98e21e27-9a0a-4f70-8ddb-45c91916fe77
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: "62275c0c-40c"
vary: Origin
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:02 GMT

GET
H2 200 ico-circle.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 781 B
890 B 227ms
227ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-circle.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f411ed8284b38cc0d295fffe96d3b626a09b446113253a999a30fa15bca7b525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1002105610 ra09 20 04
age: 78
content-length: 483
x-xss-protection: 1; mode=block
x-request-id: c804568d-ee3e-4530-82ec-8a7f9b02f3f0
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-30d"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:49:44 GMT

GET
H2 200 ico-arrow-back.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 527 B
731 B 224ms
224ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-arrow-back.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a595576eeab89707bc27f276a7b81404f36575c6af9fa872533ab0856aed7f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1002105611 ra09 20 04
age: 176
content-length: 323
x-xss-protection: 1; mode=block
x-request-id: 29a779d4-15f0-404f-8fe8-74a3d9f0cf8c
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-20f"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:48:06 GMT

GET
H2 200 WhitmanDisplayCond-Bold.OTF
i.glbimg.com/og/ig/infoglobo1/static/blog/_font/redesign2019/ 79 KB
79 KB 689ms
229ms Font
application/x-font-otf 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_font/redesign2019/WhitmanDisplayCond-Bold.OTF

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f0d956a19224d2a65308e4643a6a96418fe8e1bf93e563fc59c0a9ed9b2945c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 941386488 ra03 11 09
age: 284
content-length: 80404
x-xss-protection: 1; mode=block
x-request-id: db828300-f969-43bf-9fb6-3c300f1ba11a
last-modified: Tue, 08 Mar 2022 13:37:17 GMT
x-thanos: 0AB1D00F
etag: "62275c0d-13a14"
vary: Origin
content-type: application/x-font-otf
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:18 GMT

GET
H2 200 malu-gaspar.png
i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 38 KB
38 KB 238ms
238ms Image
image/png 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/malu-gaspar.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-15.prt.globo.com

Software

Resource Hash

62537d1d83fc70d91a66df6aa2869035e1deb77a0dca3d2bfd507b8c19afcec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 1059412997 ra09 20 04
age: 0
content-length: 38549
x-xss-protection: 1; mode=block
x-request-id: f6775328-d388-4246-a0d0-8b0894429fea
last-modified: Wed, 17 Feb 2021 18:49:10 GMT
x-thanos: 0AB4D013
etag: "602d6526-9695"
vary: Origin
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:03 GMT

GET
H2

200

3PtJkj856nwoi79q6txIQA Show response
open.spotify.com/embed-podcast/episode/ Frame 3AB3
Redirect Chain

https://open.spotify.com/embed/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator

37 KB
10 KB

216ms
216ms

Document
text/html

2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

297d055dfb4674bb9b8d2ada177ce2316877e81a0221128680a4699e1938c65c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
spotify-request-id: 2069ecaa-0200-44f7-904e-4fcedcdf79be
content-encoding: br
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: 7b6d35be65ddc7bf
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

Redirect headers

date: Wed, 09 Mar 2022 01:46:02 GMT
content-type: text/html
location: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: 4653ccb6ae287b05
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 ultimos-posts.json Show response
blogs.oglobo.globo.com/malu-gaspar/ 3 KB
1 KB 238ms
238ms Fetch
application/json 186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/malu-gaspar/ultimos-posts.json

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/read-too.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

b679c78a80fb5f69e0d26dcd8e3e7a51ab9f4c8a26c134584760f5e2737b02e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-bip: 583039029 ra03 11 14
age: 0
content-length: 1098
x-request-id: ab5fba07-3549-49ef-a9c4-125a5c61482e
last-modified: Tue, 08 Mar 2022 20:10:31 GMT
x-thanos: 0AB1D026
x-frame-options: SAMEORIGIN
etag: W/"6227b837-a10"
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
content-type: application/json
via: 2.0 CachOS
cache-control: max-age=60
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:47:03 GMT

GET
H2 200 mais-blogs.json Show response
blogs.oglobo.globo.com/politica/ 7 KB
3 KB 244ms
244ms Fetch
application/json 186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/politica/mais-blogs.json?callback=mais-blogs

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/mais-blogs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-15.prt.globo.com

Software

Resource Hash

56dca1258abe5511e3951cb482b95385daa9206fa5403842445f651fc24b6b94

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-bip: 438103781 ra03 11 14
age: 0
content-length: 2256
x-request-id: 1fc7a3cd-2e17-44d6-bc86-3a5bfbb43856
last-modified: Wed, 09 Mar 2022 01:44:06 GMT
x-thanos: 0AB1D026
x-frame-options: SAMEORIGIN
etag: W/"62280666-1cf5"
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
content-type: application/json
via: 2.0 CachOS
cache-control: max-age=60
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:47:03 GMT

GET
H2 200 ico-key.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 1 KB
1 KB 228ms
228ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-key.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

34f6d98ef7d173daed822d375453e08ce1de893b84d58b0b24a7f4ec69ccf899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 1063691413 ra09 20 04
age: 150
content-length: 672
x-xss-protection: 1; mode=block
x-request-id: 86b93aa7-68e5-4898-ba15-2f215f944f56
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D013
etag: W/"62275c0c-46a"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:48:32 GMT

GET
H2 200 95292419_manaus_16-09-2021_estudos_cientificos_irregulares_com_a_proxalutamida_um_remedio_obscuro_de.jpg
s2.glbimg.com/BAXJfc2BuAH7nWT1Y0wEK0YBRdE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/09/17/ 21 KB
21 KB 470ms
469ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/BAXJfc2BuAH7nWT1Y0wEK0YBRdE=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/09/17/95292419_manaus_16-09-2021_estudos_cientificos_irregulares_com_a_proxalutamida_um_remedio_obscuro_de.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 483e5dd4b1810cabf0aa1914e0f45acb5ef639d7ede33610649f0cb61a1dc9a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 134262479 ra09 20 10
age: 147947
etag: "ade886fe89b5a3dadae696aaf632c86327785227"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 21608
x-request-id: 30dbe014-0d28-4d83-a6e3-618147740da8
expires: Wed, 06 Apr 2022 07:37:57 GMT

GET
H2 200 51204019502_e714d4e8bc_k.jpg
s2.glbimg.com/V7Q0GkrTmQN-pPq7Ew6ftUm42ls=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/27/ 28 KB
28 KB 228ms
228ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/V7Q0GkrTmQN-pPq7Ew6ftUm42ls=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/27/51204019502_e714d4e8bc_k.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 948573286d889fce5089f810d8a2a67330d0c515b3857a451dd4f422abae8063

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 136981529 ra09 20 10
age: 147947
etag: "0205030e75f5ed75f785a31b2b23aa8fbdd0b468"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 28758
x-request-id: 193217d4-52f2-4475-94ab-16716ec87bfc
expires: Wed, 06 Apr 2022 08:40:15 GMT

GET
H2 200 91586851_brazilian_president_jair_bolsonaro_r_greets_brazils_attorney_general_augusto_aras_during_h.jpg
s2.glbimg.com/EpJN1glMX6VQyLjUvwXe9mJ43DY=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/26/ 10 KB
11 KB 468ms
468ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/EpJN1glMX6VQyLjUvwXe9mJ43DY=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/05/26/91586851_brazilian_president_jair_bolsonaro_r_greets_brazils_attorney_general_augusto_aras_during_h.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 904a77899b55ec7a2110ec4436f858e03c523b47018a0cc3771f385e7323f3bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 11651295 ra09 20 10
age: 147947
etag: "360b3ce191272a98493e27d395ca5ac31de81f89"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 10610
x-request-id: 585fe6b1-e814-45e2-8552-4f58e03bb852
expires: Wed, 06 Apr 2022 07:37:57 GMT

GET
H2 200 barra-globocom.min.js Show response
barra.globo.com/gl/ba/oidcprodutos/js/ 46 KB
17 KB 229ms
228ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

82cd1b61b349324e102d58679583114bd5b2620347f422ad05851b825a926748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 328803457 ra03 11 07
age: 463652
content-length: 16645
x-xss-protection: 1; mode=block
x-request-id: d737b28a-bb14-4d07-b915-5719822b205f
last-modified: Thu, 03 Mar 2022 15:23:29 GMT
x-thanos: 0AB1D016
etag: W/"6220dd71-b991"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 16:58:30 GMT

GET
H/1.1 200
OK footer.html Show response
oglobo.globo.com/ 2 KB
2 KB 900ms
224ms XHR
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/footer.html?cache=true&env=PRD

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-footer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3c47e0a59a72649f45f26c3a8bfb761ba01d8c2d73e21d2667ffbc86483bc627

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 00:19:24 GMT
Content-Encoding: gzip
Age: 5198
grace: none
X-Cache: HIT
X-Mod-Pagespeed: Powered By mod_pagespeed
Strict-Transport-Security: max-age=15768000
Content-Length: 711
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: public, max-age=14400
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Expires: Wed, 09 Mar 2022 00:21:10 GMT
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 232

GET
H2 200 embed.js Show response
oglobo.comentarios.globo.com/assets/js/ 43 KB
13 KB 1979ms
448ms Script
application/javascript 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/assets/js/embed.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/comment-widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

1f093bc730be083fb98900fb68fa27e0601d6117def41701dc6060d272e468aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id: cf7ef810-9c0f-11ec-9561-89fa52637bfb
date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Jan 2021 17:53:02 GMT
etag: W/"3116-1774a208830"
vary: Accept-Encoding
content-language: pt-BR
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: Content-Type
content-length: 12566
x-content-type-options: nosniff

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 50ms
27ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/glbVideosBox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb140898441e0e96c3d2d57cad7572be0ca853db01829bc80684b7e3f0fd278d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame A45C 319 KB
104 KB 38ms
37ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fblogs.oglobo.globo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 440446
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Mar 2022 01:46:03 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 285 KB
81 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=4c28f966a932a1e9c9b09ee309cd81cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c0daa03181c325afe502ee8098fcb9f3b46e969b4cbbe21e719bfeee66e84d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blogs.oglobo.globo.com/
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5uxZQKMCo4N1W/nfz+fL/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 82981
x-fb-rlafr: 0
x-fb-debug: +xl46VopwrT7dl3BNbUxg6CiNcwMNRyPk030PAod2aomHNXrHary5WV0TXUXn4gX0+a92wQ/kiotMLdoyQxUTA==
x-fb-content-md5: b9d18c70875f10292f69dc981c7bd1f0
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0fd7f9734b94a2212a825dc1b4c671fb"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Mar 2023 23:51:22 GMT

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 93 KB
28 KB 228ms
228ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-openstack-request-id: tx789df813c11f4879bc865-0062280653
last-modified: Wed, 12 May 2021 17:50:53 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1620841852.71626
cache-control: public, max-age=180
x-trans-id: tx789df813c11f4879bc865-0062280653
x-request-id: 9c54d537-56d0-4961-bd31-9e250c205234

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 50ms
23ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 2616
etag: W/"6137b330-4291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6e9022791fb023af-ZRH
content-type: application/javascript
expires: Wed, 09 Mar 2022 02:02:27 GMT

GET
H2 200 15688_oglobo.js Show response
ads.rubiconproject.com/prebid/ 398 KB
106 KB 26ms
7ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: af0b787aff69eb51047de80f7feee06dec5d4cf457a73140402e452c0704a142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 23:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10134
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 108254
expires: Wed, 09 Mar 2022 04:34:57 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 226ms
226ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-openstack-request-id: tx01352b0acdc4480e9a661-006227e62e
last-modified: Wed, 22 Dec 2021 23:24:10 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1640215449.32111
cache-control: max-age=86400
x-trans-id: tx01352b0acdc4480e9a661-006227e62e
x-request-id: fa0e7470-1c62-4a0f-bfd4-b4e3a5a6d2c4

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 229ms
229ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 517133196 ra11 03 08
age: 170
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 1c0a2362-b4d7-4891-9b08-0df35f5834b5
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB5D032
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:43:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6071
date: Wed, 09 Mar 2022 00:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Mar 2022 02:04:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 47ms
23ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 34ms
10ms Script
text/plain 2a00:1450:4001:802::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:18:07 GMT
content-encoding: gzip
age: 1676
x-guploader-uploadid: ADPycdvmUbF32aD0CLzuR9J9ReW9xlmO4cYcOrLBYfX3OsbvK1cHigvwL7HMiEhkzzEYustBigsuiA7UCt8RTdRvrf0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Wed, 09 Mar 2022 02:18:07 GMT

GET
H3 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9589fc10543b78717045f23fb9697e698d6d134165e9cc7e856ac755e7af490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YDCPxcElriinV9lpqW4l1g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Mar 2022 01:53:29 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2169
x-fb-rlafr: 0
x-fb-debug: 0Z/1D8DPFCPEm+UJrScWToVWj6iTO0fTnQWBHc+R+DCLW+sBXsCv/gBcbYtds3ewLt+8EKPeg0W/FyYw/9zdUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 769382baf80e7a08f68d5d0804c25456
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 01:46:03 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b8af14df59f6b89cf170df77c2ac20cd"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: iAXsAHaw1zYjJrfQgCh8IVX8rXzbjimB9Mp+2moA3OFSG2B6cM/zDw8e1dqXH6AO/ehyEWXYJ66+MeuKY9s08A==
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

22ms
6ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000154-IAD, cache-fra19136-FRA

Redirect headers

x-tw-cdn: VZ
Date: Wed, 09 Mar 2022 01:46:03 GMT
Server: ECS (mil/6CEC)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=",edge;dur=1
Content-Length: 0

GET
H2 200 2v84n8g15c1895dv.js Show response
cdn.petametrics.com/ 165 KB
48 KB 33ms
14ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=457441
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d5bf13e1916e7f19a9d7f2c0ca803dd1c3b7133222992f77e8d45ec4a5f653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 20:19:41 GMT
server: AmazonS3
x-amz-request-id: VKRYAEKYX9JQDHB4
etag: "7ff22d09d14404816d3c9e109840e5b6"
x-hw: 1646790363.cds128.fr8.hn,1646790363.cds098.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 49143
accept-ranges: bytes
x-amz-version-id: OrX5gM9_U23XC_pNmtftFW7rcttwutvK
x-amz-id-2: Kyyc+6hZHe3kSmm1i/wHFDImD7mDv4dlq5i7b57FTRGw7jJn/NICpr1IuXuiTeHSP/TppN26IO8=

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 25ms
10ms Script
application/x-javascript 2600:9000:223c:dc00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:dc00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:13:09 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 1974
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: QognlqjnaO3rE-5JctN94BMsvwVtrtJSNgZn3hboaBF9ly2Jkvbw9A==
expires: Wed, 09 Mar 2022 03:13:09 GMT

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
24 KB 104ms
74ms Script
application/javascript 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v3/init.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2faf7911101f5a49100c25d25b355d0bf995adcf50525c580864fe42fd6fa9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blogs.oglobo.globo.com/
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Wed, 09 Mar 2022 00:45:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-ray: 6e9022797a24cc4a-ZRH

GET
H2 200 malu02.jpg
s2.glbimg.com/DNm8xgM8soeGAYnnRVYaclEVF5w=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 4 KB
4 KB 346ms
346ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/DNm8xgM8soeGAYnnRVYaclEVF5w=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/malu02.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 858ee298743a0f7bedc783805d245866482e2e6476bc50e217e4149109bbbb64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 56765267 ra09 20 10
age: 147939
etag: "571f1825558c7a5bd9a4900a0bad7b20abeebe02"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 4000
x-request-id: 04c2547d-c33c-4c45-a22e-fa3258c55cc6
expires: Wed, 06 Apr 2022 08:35:33 GMT

GET
H2 200 johanns-eller.jpg
s2.glbimg.com/obiuErYqAOT8lCUItjqTQ-4wSDk=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 840 B
1 KB 346ms
346ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/obiuErYqAOT8lCUItjqTQ-4wSDk=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/johanns-eller.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 6695338cf8288b54d8759aa42bc33ffec4890a9437b39cd83b09b10a69424681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 55817578 ra09 20 10
age: 147939
etag: "687ef7667844b847fe1f7302d143adfcc0f0216a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 840
x-request-id: 69c42e94-b7ca-4079-9a64-4de4d5109219
expires: Wed, 06 Apr 2022 08:35:34 GMT

GET
H2 200 mariana-carneiro.jpg
s2.glbimg.com/p3TFUF0pO71J03G9OG_l85wfYdg=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 746 B
1 KB 346ms
346ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/p3TFUF0pO71J03G9OG_l85wfYdg=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/mariana-carneiro.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 5e7ad57625716ecb64cc538548e77e0d0d9166af16eca0ee86385fdd54cc6410

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 136228102 ra09 20 10
age: 147939
etag: "0744ba2eb1ac7ecf376f01fe2a5e7306c3e61fe5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 746
x-request-id: fd044401-2d99-4448-a376-bf4d8d872fdc
expires: Wed, 06 Apr 2022 08:27:30 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/2fd2ad45/www-widgetapi.vflset/ 152 KB
49 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd2ad45/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45dc5dedead2b778c3973a826902175513d9c1024eb7dae00336f0bf41fb65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 20:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50272
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 01:19:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Mar 2023 20:11:59 GMT

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 62 KB
5 KB 21ms
8ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 499124536b9ce87a72cd94fe09eb47ff43e76816b293f3ff90f21113e6c63d85

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 00:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5404

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 47ms
20ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220309

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bfbda6a39ce7ea80accdd34f44fd40136aea34de371e01e2d7d851a8c530cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20643
x-jsd-version: 1.0.1275
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66d-WzFUWmLiQVcWM4xayPCMmHf7aV0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e902279abd42397-ZRH

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
289 B 162ms
161ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d7e077cdf81c967de68d44238c33348437029af6c296846b85598f2264517b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e9022798fd623af-ZRH
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Wed, 09 Mar 2022 02:46:03 GMT

GET
H3 200 792893547449051 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/792893547449051?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca774896b89643ab9db841169553bf60196fff1981f16b0db923f6908788f773

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89096
x-xss-protection: 0
pragma: public
x-fb-debug: WUqW2Fo/tLWHO5F04g+LGPwpRSddALNOLirUm9WiNCCh6njOqdfyRw9WBK4/yCimYeCfQlMTDSqvkU9ueyFezg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705216002929827&ev=PixelInitialized&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790363141

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A45C 232 B
448 B 133ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=bba439f5a397a89295d5dc7c2f421f973fa815d3

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fblogs.oglobo.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 01:46:03 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 49532ad1d952a97573799528bbb417ff37082dc44bf86094290fd62c2742ccd2
content-length: 166

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-11&cid=564303274.1646790363&jid=1631292074&gjid=16484761&_gid=300585408.1646790363&_u=YGBAgEABAAAAAE~&z=1203038284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 01:46:03 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
537 B 38ms
15ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 02:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82757
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 298ms
98ms Image
image/gif 54.208.44.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=oglobo.globo.com&p=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&u=DasvGDC8VhnVCB-4Xy&d=blogs.oglobo.globo.com&g=56624&g0=Blogs%2CBlogs%2Fmalu-gaspar&g1=No%20Author&g4=post&n=1&f=00001&c=0&x=0&m=0&y=5241&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5782&_c=newstarde&_m=email&_x=newsletter&t=B1VKuiOUDvt8UuvGBaN-YTBZbm2i&V=129&i=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&tz=0&_acct=anon&sn=1&sv=C--8xEBDXXF1CsCql_C9VioaD_O9gC&sd=1&im=061b2ff3&_
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.44.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-44-81.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/ 3 KB
2 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/?random=1646790363188&cv=9&fst=1646790363188&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bfab713d95dd821ff04fc30c515cbfc91bc9be1308ec45febd21953e14d66d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1212
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/ 3 KB
1 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/?random=1646790363190&cv=9&fst=1646790363190&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d69ad09c95afed3bfb991e48ef845e6418c84e85d91dce2b9bd9b7184aa42ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1910ms
1092ms Image
image/gif 34.216.59.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1646790363221&e=pv&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&page=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=9&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=c981856f-acc3-4100-be71-3794beb5955c&dtm=1646790363219&vp=1600x1200&ds=1600x5241&vid=1&sid=c9d8140c-1ee7-4bf4-a16c-48cc700bd3a6&duid=c5dcb3eb-36e3-4124-8c66-f1344f65ce6f&fp=4035173576
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.59.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-59-128.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:04 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 __inventory.gif
query.petametrics.com/v1/ 35 B
93 B 128ms
112ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v1/__inventory.gif?ts=1646790363228&jsk=2v84n8g15c1895dv&jsv=20220216&cu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&item=%7B%22opinion%22%3A%5B%22true%22%5D%2C%22content_tier%22%3A%5B%22metered%22%5D%2C%22location%22%3A%5B%22country%3Abrazil%22%5D%2C%22tag%22%3A%5B%22Waldir%20Ferraz%22%2C%22Jair%20Bolsonaro%22%2C%22isen%C3%A7%C3%A3o%20de%20imposto%22%2C%22asa%20delta%20%22%2C%22jet%20ski%22%5D%2C%22type%22%3A%5B%22website%22%5D%2C%22site_name%22%3A%5B%22Blogs%20O%20Globo%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%5D%2C%22title%22%3A%5B%22Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%22%5D%2C%22description%22%3A%5B%22%20Por%20Malu%20Gaspar%20e%20Mariana%20Carneiro%20Amigo%20de%20longa%20data%20de%20Jair%20Bolsonaro%2C%20Waldir%20Ferraz%20afirma%20que%20atuou%20diretamente%20para%20que%20o%20governo%20zerasse%20a%20...%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22id%22%3A%5B%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%5D%2C%22authors%22%3A%5B%22%22%5D%2C%22category%22%3A%5B%22blogs-outros%22%5D%2C%22content_type%22%3A%5B%22post%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FqnZS32na7RVJzlkodGMBuqa8KNw%3D%2F145x87%2Fsmart%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FQTcS7TDw8GQyBFsdVhcPCeE8tkA%3D%2F105x105%2Fsmart%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%5D%2C%22published_time%22%3A%5B%222022-03-03T14%3A15%3A19-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222022-03-03T14%3A20%3A35-03%3A00%22%5D%2C%22section%22%3A%5B%22Malu%20Gaspar%22%5D%2C%22protected%22%3A%5B%220%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%7D&ttl=0
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/c5ffb89e-d972-49aa-bf88-e8e288ec994c/ 35 B
175 B 127ms
111ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/2v84n8g15c1895dv/c5ffb89e-d972-49aa-bf88-e8e288ec994c/__activity.gif?e=pageview&ct=Isen%C3%A7%C3%A3o+de+tarifa+para+asa+delta+foi+pedido+de+amigo+de+Bolsonaro+%7C+Malu+Gaspar+-+O+Globo&ccu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&tspl=5828&blst=5666&ist=5823&iet=5827&bdst=5666&bdet=5710&bcttt=5&ts=1646790363230&jsk=2v84n8g15c1895dv&jsv=20220216&cu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&uid=c5ffb89e-d972-49aa-bf88-e8e288ec994c&sid=872da66d-f812-4c34-a700-ae88d5240d6e&pvid=864e70a5-d727-4f07-ad94-0ce5f4ffea8f&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=10&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
466 B 35ms
14ms XHR
application/json 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 47ms
23ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-11&cid=564303274.1646790363&jid=1631292074&_u=YGBAgEABAAAAAE~&z=1599011119

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-11&cid=564303274.1646790363&jid=1631292074&_u=YGBAgEABAAAAAE~&z=1599011119

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 410270039520634 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410270039520634?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d09e94db96acb4c513ae0008417ee87a4e6eb342fefb29da4ec4419573f6d0f7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89132
x-xss-protection: 0
pragma: public
x-fb-debug: WnR7ZRBdr2KYFrhJ+O4hMnrcCB7UzNlu6qIqpwAC0NQFIE8KTnjrprnpw+AHIDDXauHzaI1pY/9xCmjYEX4+ow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792893547449051&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790363270&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646790363269.304684564&it=1646790363138&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 131ms
108ms Script
text/plain 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f2aa4cea-2273-4e78-a58a-861e5254f544&tw_document_href=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 102
date: Wed, 09 Mar 2022 01:46:03 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: fceb707b7c24596c6253133bc767167cf759329def79923dd3d1bba25a846b79
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
337 B 140ms
118ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=f2aa4cea-2273-4e78-a58a-861e5254f544&tw_document_href=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 111
date: Wed, 09 Mar 2022 01:46:02 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 63cf7dcea1dfd9e241625e1cfce37b9648d4c00d3607e02a01753469f82664d7
content-length: 43

GET
H/1.1 200
OK CircularSpUIv3T-Bold.8d0a45cc.woff2
open.scdn.co/cdn/fonts/ Frame 3AB3 71 KB
72 KB 40ms
6ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Bold.8d0a45cc.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 897cda707d438f8d6b6b92cfcb2c1fd2035ff59f5f0c5b9943d2f04d411f7fda

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Last-Modified: Fri, 21 Jan 2022 03:17:01 GMT
Age: 4054355
ETag: "c147cc237b8b07e0a8875dfbbe857b29"
X-Served-By: cache-ord1729-ORD, cache-hhn11530-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 72840
X-Cache-Hits: 1, 388528

GET
H/1.1 200
OK spoticon_regular_2.d319d911.woff2
open.scdn.co/cdn/fonts/ Frame 3AB3 56 KB
56 KB 43ms
10ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/spoticon_regular_2.d319d911.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d728648c3e1d90bf50f0e988787ce26ea1111fa697b0a9daeb95d6724842a9c1

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Last-Modified: Mon, 07 Feb 2022 11:21:58 GMT
Age: 2556698
ETag: "3b7bbfac9ed3e75d426728e900579aa9"
X-Served-By: cache-ord1728-ORD, cache-hhn11550-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 56996
X-Cache-Hits: 1, 141648

GET
H/1.1 200
OK embed.5deeee5f.css
open.scdn.co/cdn/build/embed/ Frame 3AB3 9 KB
2 KB 51ms
21ms Stylesheet
text/css 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed/embed.5deeee5f.css
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ddf42245fe4d2966e95db9c2d44a908a37bbe952453aa148c6261444b5ca8ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Feb 2022 11:39:01 GMT
Age: 2815420
ETag: "5b65f0732a00af120dba40a752323e96"
X-Served-By: cache-ord1726-ORD, cache-hhn11582-HHN
X-Cache: HIT, HIT
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1207
X-Cache-Hits: 1, 134147

GET
H/1.1 200
OK vendor~embed.550b1e0b.js Show response
open.scdn.co/cdn/build/embed/ Frame 3AB3 902 KB
268 KB 27ms
11ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4c6b42511617ece0e6fe041a96722bc878b658c78941a2b0670068194d2b4beb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Feb 2022 10:09:37 GMT
Age: 747144
ETag: "627890522ed050437c6e28481a10be99"
X-Served-By: cache-ord1746-ORD, cache-hhn11563-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 273626
X-Cache-Hits: 13, 258

GET
H/1.1 200
OK embed.97b93a27.js Show response
open.scdn.co/cdn/build/embed/ Frame 3AB3 601 KB
138 KB 31ms
15ms Script
application/javascript 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/build/embed/embed.97b93a27.js
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 56c38052c571ec5b73124a97eef160d6e45b49722abb2a91f85c53343faa4c34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 14:06:58 GMT
Age: 41727
ETag: "9dab155804c3eadfab8e55cd048c6bf1"
X-Served-By: cache-ord1737-ORD, cache-hhn11533-HHN
X-Cache: HIT, HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 140911
X-Cache-Hits: 3, 717

GET
H2 200 whatsapp_image_2022-03-08_at_15.12.39.jpeg
s2.glbimg.com/KbcaOum2Kl8phNzXQVYGeEaC0tI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/08/ 2 KB
2 KB 373ms
370ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/KbcaOum2Kl8phNzXQVYGeEaC0tI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/08/whatsapp_image_2022-03-08_at_15.12.39.jpeg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: fa04319a232ee5bbb6057c2a50c91523e75dc14684ac1dd356a609f953944b62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 136160313 ra09 20 10
age: 19777
etag: "11af9e0e15956ac8b7d9da86b1fb882d17ddbf1f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 1612
x-request-id: 544cb65b-92e5-43a8-862a-7842337d43d7
expires: Thu, 07 Apr 2022 20:11:02 GMT

GET
H2 200 de_olho_no_zap_malu_gaspar-2.jpg
s2.glbimg.com/Gfj0XDoMYXXD8-je6JAOKcbqiGA=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/07/ 4 KB
4 KB 372ms
369ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/Gfj0XDoMYXXD8-je6JAOKcbqiGA=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/07/de_olho_no_zap_malu_gaspar-2.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3fed16689acb8ac4296524824645bce5ed09211edf532e91a60a68a773ee8e21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 136160314 ra09 20 10
age: 46488
etag: "12c98a6bc6abb97550aa1a502938d3a924475257"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 3654
x-request-id: 953bc994-5f1a-4256-8f3d-397be81f5272
expires: Thu, 07 Apr 2022 11:48:51 GMT

GET
H2 200 77633155_sao_paulo_sp_28062018_eleicoes-datena_-_a_coligacao_acelera_sao_paulo_formada_pelos_par.jpg
s2.glbimg.com/9Txxdah0HsaNjj1QhWgwP-FGjOI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2018/07/06/ 6 KB
6 KB 372ms
370ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/9Txxdah0HsaNjj1QhWgwP-FGjOI=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2018/07/06/77633155_sao_paulo_sp_28062018_eleicoes-datena_-_a_coligacao_acelera_sao_paulo_formada_pelos_par.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3b34614c1654b65b49dcc355e14fc66c2d96511299e7231b5c5960385935d54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 135217220 ra09 20 10
age: 137870
etag: "dffe0a61f29e1a12148bd106e81744538fb4056e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 5830
x-request-id: 9fc3540b-70a8-47d2-bee0-977f7aba0145
expires: Wed, 06 Apr 2022 07:37:58 GMT

GET
H2 200 85687723_bsb_-_brasilia_-_brasil_-_14-11-2019_-_brics_-_na_foto_o_presidente_da_russia_vladimir_put.jpg
s2.glbimg.com/XycDynANWk2tvUDoC17NqUnGqPk=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/02/24/ 2 KB
3 KB 372ms
370ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/XycDynANWk2tvUDoC17NqUnGqPk=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/02/24/85687723_bsb_-_brasilia_-_brasil_-_14-11-2019_-_brics_-_na_foto_o_presidente_da_russia_vladimir_put.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 2a97b811be435ccde4c88a67e0b08cd38e44e7f9532c6242f87e66bddd82fd67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 133229200 ra09 20 10
age: 140726
etag: "16ee5d0d50aa808aa36caba59b1169e115f2ebd2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 2522
x-request-id: 0048ceeb-2f36-412b-b809-48b7dcdf1df0
expires: Wed, 06 Apr 2022 10:40:36 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 52ms
31ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-1&cid=564303274.1646790363&jid=65261407&gjid=1243621047&_gid=300585408.1646790363&_u=YGDAgEABAAQCAE~&z=1237915904

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 01:46:03 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=766574652&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAQCAE~&jid=65261407&gjid=1243621047&cid=564303274.1646790363&tid=UA-51216819-1&_gid=300585408.1646790363&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd2=&cd3=&cd4=20220303&cd5=14&cd6=Waldir%20Ferraz%2CJair%20Bolsonaro%2Cisen%C3%A7%C3%A3o%20de%20imposto%2Casa%20delta%20%2Cjet%20ski&cd7=&cd8=N%C3%A3o&cd9=post&cd10=N%C3%A3o&cd45=Campanha%20-%20newsletter%20%2F%20email&cd46=semente&cd49=politica&cd60=N%C3%A3o&cd82=responsivo&cm1=0&cm2=5&cm3=3434&z=639118110

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 02:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82757
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lauro-jardim.png
s2.glbimg.com/ql_8Hc1sv4FV9ECYqHPkg4LYFak=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 6 KB
6 KB 360ms
358ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/ql_8Hc1sv4FV9ECYqHPkg4LYFak=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/lauro-jardim.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 8ba77acafe3704e98738f79d44b0a4ecc1d5ba1279b037757a1e9996750075be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 133229201 ra09 20 10
age: 164564
etag: "290a32f393a662cf9f0fe93fb718956d64b7268e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 5730
x-request-id: 798f01f4-bbcd-4d8c-bcd3-7cc0c4ab9fa7
expires: Wed, 06 Apr 2022 03:46:42 GMT

GET
H2 200 bela-megale.png
s2.glbimg.com/vpTXkNqynRgX0eur8JDdM0gF5JU=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 8 KB
8 KB 360ms
358ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/vpTXkNqynRgX0eur8JDdM0gF5JU=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/bela-megale.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 732d42a342d4fff357eb416ce4361d3b20d81948f73fcbf21d8574c2dca53e5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 133229202 ra09 20 10
age: 165818
etag: "f1c5f9368530b9ee4a4f44138a96068a54ee733f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 8140
x-request-id: c2564b78-1f51-4916-9356-e1fc7432ff6b
expires: Wed, 06 Apr 2022 03:42:24 GMT

GET
H2 200 vera-magalhaes.png
s2.glbimg.com/JtLshQ6k4UsWJvjORUQfwYyAR68=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 7 KB
7 KB 360ms
359ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/JtLshQ6k4UsWJvjORUQfwYyAR68=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/vera-magalhaes.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 500d5f282915d0ca5131de4105194e6e9d42045ceb04e4ca814b5de72e24e1ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 135217221 ra09 20 10
age: 165810
etag: "e3b63f57430c5edae529e279d08789697dd8e567"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 6684
x-request-id: b2a6b700-9fea-46bd-b497-7798eb79f31d
expires: Wed, 06 Apr 2022 03:39:05 GMT

GET
H2 200 merval-pereira.png
s2.glbimg.com/cYGryP8LpXJt_mwsufw7KP2JQR8=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 5 KB
5 KB 360ms
359ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/cYGryP8LpXJt_mwsufw7KP2JQR8=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/merval-pereira.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 49cd1c5d3ec59da0b3dbf261e5b921acd2a425d03fa5af46831d1a4750ef4416

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 136160315 ra09 20 10
age: 165819
etag: "1ee251bcb1da3eed3cb9ec5ecaffac621c754513"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 5212
x-request-id: 031b9ed8-81fe-41b5-a359-45a78e9601d9
expires: Wed, 06 Apr 2022 03:42:24 GMT

GET
H2 200 bernardo-mello-franco.png
s2.glbimg.com/1J75iuQfzv2Vqn30KNYDuPPfg6A=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 5 KB
6 KB 360ms
359ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/1J75iuQfzv2Vqn30KNYDuPPfg6A=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/bernardo-mello-franco.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 1f0d88fbcf99c888a2369a9d42ff96524c97d8fc1e6c0409395653afe68f7563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 2.0 CachOS
x-bip: 55817581 ra09 20 10
age: 165819
etag: "21c244aadbc8971229da9bc94bf8f52a9701d1a2"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB4D01E
access-control-allow-headers: Content-Type
content-length: 5376
x-request-id: 40d5d4b1-de23-42f5-ae98-cc8b8c9575aa
expires: Wed, 06 Apr 2022 03:39:04 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1064234515/ 42 B
64 B 48ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1064234515/?random=1646790363188&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=489456993&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1064234515/ 42 B
64 B 47ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1064234515/?random=1646790363188&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=489456993&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/984971963/ 42 B
64 B 46ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984971963/?random=1646790363190&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=2198861200&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/984971963/ 42 B
64 B 47ms
31ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984971963/?random=1646790363190&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=2198861200&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 229ms
229ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 518692191 ra11 03 08
age: 535861
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 0123182e-dfb6-4768-aaa0-492229f80ce8
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB5D032
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 20:55:01 GMT

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 227ms
227ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-openstack-request-id: tx0913e19bd1fd4a388305d-006228049b
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: tx0913e19bd1fd4a388305d-006228049b
x-request-id: 1e803e42-1a4d-4940-8430-ac7e4c602517

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 228ms
227ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-openstack-request-id: tx79f555ca6a444220b414f-00617b05f6
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: tx79f555ca6a444220b414f-00617b05f6
x-request-id: f94bc325-bc1b-4249-8ec0-9f111eed0b4e

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
78 B 144ms
143ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=105963d6a85983fe6749345bbe10&acc=13574&url=https%3A//blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tit=Isen%E7%E3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&h1=Isen%E7%E3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e90227ac84523af-ZRH
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 92ms
29ms Script
text/plain 54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=105963d6a85983fe6749345bbe10
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1646790363
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 utag.114.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 6 KB
2 KB 22ms
22ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.114.js?utv=202001231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cf8524fe3df4089aaccb94904c865d32a9296371f3595b8d20828501739ac66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:46 GMT
server: AkamaiNetStorage
etag: "9c019eda3facc81fb1d1142a818a7811:1610117206.926317"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2153
expires: Thu, 24 Mar 2022 01:46:03 GMT

GET
H2 200 utag.159.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 1 KB
927 B 21ms
21ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7c39868fc1fc707911067e2198b65860f351942aa5fdca625d52b24de8545bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:45 GMT
server: AkamaiNetStorage
etag: "cc2306e0f9a6ea18b631d36b225520c0:1610117205.684899"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 698
expires: Thu, 24 Mar 2022 01:46:03 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790363328&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646790363269.304684564&it=1646790363138&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 19ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ViewContent&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790363328&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646790363269.304684564&it=1646790363138&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ContentData&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790363329&cd[idMateria]=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd[dtPublicacao]=20220303&cd[tipoConteudo]=post&cd[conteudoExclusivo]=N%C3%A3o&cd[topicos]=&sw=1600&sh=1200&v=2.9.55&r=stable&ec=2&o=30&fbp=fb.1.1646790363269.304684564&it=1646790363138&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H/1.1 200
OK ab67656300005f1feef79be49cb4c6613e44382e
i.scdn.co/image/ Frame 3AB3 25 KB
25 KB 57ms
7ms Image
image/jpeg 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.scdn.co/image/ab67656300005f1feef79be49cb4c6613e44382e
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c60bb9b0e504362a194028c89e93a7aed3dcb173d9fe38ee129d7a35cd84dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Last-Modified: Mon, 03 May 2021 17:10:24 GMT
Age: 1182061
ETag: "e6a17f48fea8cdda8e517c9e48eda86c"
X-Served-By: cache-ord1742-ORD, cache-hhn11538-HHN
X-Cache: HIT, HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 25207
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK CircularSpUIv3T-Book.3466e0ec.woff2
open.scdn.co/cdn/fonts/ Frame 3AB3 67 KB
68 KB 18ms
17ms Font
application/octet-stream 2a04:4e42:62::760
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://open.scdn.co/cdn/fonts/CircularSpUIv3T-Book.3466e0ec.woff2
Requested by: Host: open.spotify.com
URL: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:62::760 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1e9022d2e68559c3306657470dc8b02a28508564a67a45d70012205aca3eba47

Request headers

Referer: https://open.spotify.com/
Origin: https://open.spotify.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:03 GMT
Last-Modified: Wed, 08 Sep 2021 15:56:05 GMT
Age: 15672952
ETag: "6ff898ba447ac00bc6e457d25bcb0be8"
X-Served-By: cache-ord1734-ORD, cache-hhn11550-HHN
X-Cache: HIT, HIT
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 68852
X-Cache-Hits: 1, 267902

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-1&cid=564303274.1646790363&jid=65261407&_u=YGDAgEABAAQCAE~&z=535118392

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-1&cid=564303274.1646790363&jid=65261407&_u=YGDAgEABAAQCAE~&z=535118392

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
o22381.ingest.sentry.io/api/1409086/envelope/ Frame 3AB3 2 B
245 B 30ms
8ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o22381.ingest.sentry.io/api/1409086/envelope/?sentry_key=80341f4271be4aec89050e48a0e4553e&sentry_version=7

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://open.spotify.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 / Show response
apresolve.spotify.com/ Frame 3AB3 273 B
266 B 36ms
15ms Fetch
application/json 2600:1901:0:524d::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apresolve.spotify.com/?type=dealer&type=spclient
Requested by: Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:524d:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 33943c7e6d99cbe1a37a44f8043f1ab52c797d5612792a7c97fb4069a1a69f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://open.spotify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
via: 1.1 google

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ 75 KB
21 KB 25ms
7ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 156
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100035-IAD, cache-hhn4059-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1646790364.559462,VS0,VE1
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 44ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.114.js?utv=202001231859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 971 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
7ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/infoglobo.oglobo/202203041504&cb=1646790363540
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 09 Mar 2022 01:56:03 GMT

GET
H2 200 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 14 B
577 B 58ms
32ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cbf3fc2fdbac78ea4d750fdb7e590b02db8563f8ab7e54501225e5312c86be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 6e90227cd8d3020d-ZRH
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
p3p: policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 14
expires: 0

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 57ms
57ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90227c5b17cc4a-ZRH

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 62 KB
5 KB 9ms
8ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 499124536b9ce87a72cd94fe09eb47ff43e76816b293f3ff90f21113e6c63d85

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 00:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5404

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 34ms
19ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220309

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bfbda6a39ce7ea80accdd34f44fd40136aea34de371e01e2d7d851a8c530cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20643
x-jsd-version: 1.0.1275
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66d-WzFUWmLiQVcWM4xayPCMmHf7aV0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e90227c8f1023c7-ZRH

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 226ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 517847991 ra11 03 08
age: 170
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 2b5b40da-58ea-48dc-bac8-672889c65466
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB5D032
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:43:13 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
350 B

10ms
10ms

Script
application/javascript

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:26:44 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: o66pRY3LgKqHk6zkUJbldnPGvv8Ed46BwIc5icr8GOZLnDnn-timTQ==

Redirect headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: jUPFCbU0AEiRni6hIi1BUMSl1iE9mAFSBApHmRoO3KHAMWx-gUZ_DQ==

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1646790363592&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%2...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790363592&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%...

64 B
328 B

10ms
9ms

Image
image/gif

13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790363592&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 0oa6A9oJxdnCC7mo02hxdt1DD-p9_PS42huhx5cIcFKLCIwQKKWgag==

Redirect headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790363592&ns_c=UTF-8&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
content-length: 455
x-amz-cf-id: VE1V6Qn4QgSV59HC_cywR0SVMlhdMhdmpA__JAd6gxGA7mNrsLuKQg==

OPTIONS
H2 204 function-hermes
us-central1-white-list-566.cloudfunctions.net/ Frame 0
0 147ms
124ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-white-list-566.cloudfunctions.net/function-hermes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-max-age: 3600
content-type: text/html; charset=utf-8
function-execution-id: zfw95ruh8051
x-cloud-trace-context: badbaf9bc5d71892dd86ce178bd231bf
date: Wed, 09 Mar 2022 01:46:03 GMT
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 27 KB
5 KB 229ms
229ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: a0b4ba1e324e044ece6be49b1920184bf4d9250689e1bb2fc551f5d2ae2fe003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:20:02 GMT
Content-Encoding: gzip
Age: 1546
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4558
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a03d77f0-6b23-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 9616

GET
H/1.1 200
OK 17.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 6 KB
2 KB 457ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: ad60ae41b6900e1f42ff17b3a4fa05d0c5dd7b88470e1bff9dd4fbd7ccbce98b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:20:20 GMT
Content-Encoding: gzip
Age: 1543
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1885
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0615f34-16bd-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 9539

POST
H3 200 function-hermes Show response
us-central1-white-list-566.cloudfunctions.net/ 29 B
67 B 287ms
269ms Fetch
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-white-list-566.cloudfunctions.net/function-hermes
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d5229b2bfadd599d39120f6ff602363038f3a840e0aece62865636f1ac30872f

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
server: Google Frontend
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
x-cloud-trace-context: 70bb00498c289611adb143b405a3a276
cache-control: private
access-control-allow-credentials: true
function-execution-id: 2j79q5808qcz
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/blogs/ 0
323 B 341ms
114ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/blogs/horizon-pageview?object=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&Referrer=&tags=&client_version=0.3.11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
836 B 226ms
225ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 517847994 ra11 03 08
age: 9984
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: 46a92f01-8d5f-4061-b6d4-1c0080bc5f1b
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB5D032
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Tue, 15 Mar 2022 22:59:39 GMT

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 686ms
228ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: 040844b8-d164-47aa-b3ee-db38a9ffc559
x-thanos: 0A83D0A3

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 188 B
700 B 687ms
234ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: adf0de2a146c80d8549cdf9a0e5d79960f15a8a76e0e65398fb83574d3734ce2

Request headers

Referer: https://blogs.oglobo.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-thanos: 0A8490A7
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: a9e1e6c9-5dcd-4d2d-8649-4f2acd95c344

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 115 KB
11 KB 682ms
229ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

205f829321df9fe22b15f5e4047370daaaa068193dac04c4bb4eca67d2960c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 148684093 ra09 20 15
age: 873
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 11250
x-xss-protection: 1; mode=block
x-request-id: 319290bd-8921-4539-b2e1-77c84b37bebc
access-control-allow-origin: https://blogs.oglobo.globo.com
x-thanos: 0AB4D022
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 8ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
age: 1203378
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 681643
content-length: 84509
x-served-by: cache-hhn4059-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646790364.640006,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 23ms
6ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:48:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1002 B
350 B 31ms
16ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f8c3be568f18447a98349ceceb4a2ea026ade7ee95bfe8f050544f302652243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 200 get_access_token Show response
open.spotify.com/ Frame 3AB3 188 B
437 B 37ms
36ms Fetch
application/json 2600:1901:1:c36::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://open.spotify.com/get_access_token?reason=transport&productType=embed

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:c36:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

f3969a29d1c0369114217956a50741ad3ce1b323124650445b411d103cbf9d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://open.spotify.com/embed-podcast/episode/3PtJkj856nwoi79q6txIQA?utm_source=generator
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

sp-trace-id: 2fb8c953c7528bc8
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
spotify-request-id: 33009886-5d8d-45e6-a673-120c06c44678
vary: Accept-Encoding,Accept-Encoding
content-type: application/json; charset=utf-8
via: HTTP/2 edgeproxy, 1.1 google
strict-transport-security: max-age=31536000
alt-svc: clear
server: envoy
x-join-the-band: https://www.spotify.com/jobs/

POST
H2 200 events Show response
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 3AB3 13 B
106 B 128ms
127ms Fetch
application/json 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Wed, 09 Mar 2022 01:46:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

POST
H2 200 events Show response
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 3AB3 13 B
139 B 128ms
127ms Fetch
application/json 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Requested by

Host: open.scdn.co
URL: https://open.scdn.co/cdn/build/embed/vendor~embed.550b1e0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

debf84af8d66827e1cbc6791aa686504e3116d8cb20f4697fef23108333061f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://open.spotify.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
server: envoy
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
date: Wed, 09 Mar 2022 01:46:03 GMT
access-control-max-age: 604800
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 39
via: HTTP/2 edgeproxy, 1.1 google

OPTIONS
H2 200 events
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 50ms
16ms Preflight 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 09 Mar 2022 01:46:03 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

OPTIONS
H2 200 events
gew1-spclient.spotify.com/gabo-receiver-service/public/v3/ Frame 0
0 49ms
16ms Preflight 2600:1901:1:5ca::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gew1-spclient.spotify.com/gabo-receiver-service/public/v3/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:1:5ca:: , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://open.spotify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Origin, Content-Type, Spotify-App-Version, App-Platform, X-Spotify-Connection-Id, X-Client-Id, X-Spotify-Quicksilver-Uri, client-token, content-access-token, x-cloud-trace-context
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH
access-control-allow-credentials: true
access-control-max-age: 604800
content-length: 0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 09 Mar 2022 01:46:03 GMT
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: clear

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 6690 805 B
826 B 6ms
6ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 varnish
age: 688783
x-served-by: cache-hhn4059-HHN
x-cache: HIT
x-cache-hits: 203407
x-timer: S1646790364.720618,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 61ms
61ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90227d5b5acc4a-ZRH

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
34 B 31ms
30ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e90227db955020d-ZRH

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 38ms
17ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
server: ATS/9.1.0.33
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
301 B 103ms
87ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 94d45f2d11ad1fcd0597ac2c7ff6ca72408d946e12e31db1a205a24590393392

Request headers

Referer: https://blogs.oglobo.globo.com/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
content-length: 66

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 99ms
68ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:02 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
824 B 43ms
13ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

nginx/1.17.9 /

Resource Hash

90caf102605bf42cf4c0ddc4bfe64dc0f943c5a351be5bf34c6b835c371db5a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:03 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 193c23c6-cb2e-440a-909e-26780197327f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 83ms
45ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=41031774815

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 438 B
1 KB 86ms
61ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398996&size_id=16&eid_pubcid.org=5e3973f6-7c15-4294-a773-c250da425a70%5E1&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=info.web.oglobo&tg_i.page_name=post&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-box-materia.*&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo&tg_i.pbadslot=85042905%2Finfo.web.oglobo&tk_flint=dmpbjs_v5.20.0&x_source.tid=c7ee1015-a6f5-468b-8a99-c6c5ae880a40&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7923740831551662
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 367a74a69531cdf93cd1b24a03a242ee0a7214edff4292b22837a0e98b1d6517

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:03 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 438
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ Frame 6690 75 KB
21 KB 9ms
9ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 varnish, 1.1 varnish
age: 156
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100035-IAD, cache-hhn4059-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1646790364.784564,VS0,VE0
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
426 B 56ms
34ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 53eb5937aba5ef2d6a082bc093f79099235a41158bb93c3211fbdcea335a451e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a011-dub-prod.krxd.net, cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790364.807556,VS0,VE28
content-length: 187
x-cache-hits: 0, 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EA20 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 6690 259 KB
83 KB 8ms
8ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
age: 1203378
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 681644
content-length: 84509
x-served-by: cache-hhn4059-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646790364.799546,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame 6690 220 B
262 B 6ms
6ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 53eb5937aba5ef2d6a082bc093f79099235a41158bb93c3211fbdcea335a451e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a011-dub-prod.krxd.net, cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790364.844931,VS0,VE0
content-length: 187
x-cache-hits: 0, 1

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2E23 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 01:46:03 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 71ms
28ms Script
application/javascript 2606:4700:3032::ac43:bf95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 44JNMB61M3NVDQKK
x-amz-id-2: n9/fJYyUwQqyGHt94QiuaMjG/+keiOaV3UAEUov0/Y2PlXPsklPLoQdY/zJ1LA3yK3lbD8pg5mI=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSu4vOtjkBxk6b3RW4xWtHjYPcK1fiIgbyaduNKDxS2gfGgn%2FsN453RJlGX34MkSZLRcfiy5y6IDzb%2Bur3FK7vgixnOHqNcJpGr12dqyBT0qzTNaXArwjOtvlMmTMv1fStJ24iT5Tr3VfGNId8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6e90227e691983a8-MXP

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3ROQ19GVVk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1

0
337 B

29ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=83 t=1646790364
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3ROQ19GVVk
https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1

0
337 B

30ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1646790363
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESENPVYn7kqfU0Ljb6MVe4VKs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://stags.bluekai.com/site/26357?id=OtNC_FUY&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOtNC_FUY%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OtNC_FUY&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

29ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OtNC_FUY&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1646790364
x-served-by: beacon-n023-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OtNC_FUY&partner=bluekai&bk_uuid=$_BK_UUID
Date: Wed, 09 Mar 2022 01:46:04 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pivlZM4KQ9xa2sdSxENV9TfCSaSA7Sol

0
337 B

29ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pivlZM4KQ9xa2sdSxENV9TfCSaSA7Sol
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1646790363
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=pivlZM4KQ9xa2sdSxENV9TfCSaSA7Sol
date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3874
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 p
sb.scorecardresearch.com/ Frame 6690 64 B
442 B 8ms
7ms Image
image/gif 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OtNC_FUY&rn=1646790364
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 9DfIDgBoiSSTrho_cXjj-VsGkIMrNa8ZhENh7wzwzXPvMLNzlG6oBQ==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OtNC_FUY&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OtNC_FUY&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=91526911195145998380377231758405803155

0
337 B

29ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=91526911195145998380377231758405803155
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=39 t=1646790364
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-irl1-1-v029-036945c08.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: J14+3XG2QUg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=91526911195145998380377231758405803155
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=4405819583841532178

0
337 B

29ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=4405819583841532178
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=65 t=1646790363
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:03 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1e51ba3c-3223-41e4-8942-6e30a375afca
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=4405819583841532178
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6690
Redirect Chain

https://ib.adnxs.com/mapuid?member_id=1780&user=OtNC_FUY
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNC_FUY

43 B
832 B

13ms
13ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNC_FUY

Requested by

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6a5b598b-c319-4f84-bdb8-b2a1e187a081
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fae71b8b-cba5-49d3-8904-16a7b8231499
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNC_FUY
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 6690 42 B
416 B 33ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OtNC_FUY
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:03 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGP0F-M-IZAT&gdpr=0

0
337 B

30ms
30ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGP0F-M-IZAT&gdpr=0
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=73 t=1646790363
x-served-by: beacon-n009-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGP0F-M-IZAT&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 6690
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNC_FUY&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

0
191 B

72ms
23ms

Image
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNC_FUY&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:03 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNC_FUY&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date: Wed, 09 Mar 2022 01:46:04 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a005-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OtNC_FUY
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-UXVccslE2ptoVhdke2uLLUm0ARiJlMYmAw--~A

0
337 B

32ms
32ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-UXVccslE2ptoVhdke2uLLUm0ARiJlMYmAw--~A
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=30 t=1646790364
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 09 Mar 2022 01:46:04 GMT
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-UXVccslE2ptoVhdke2uLLUm0ARiJlMYmAw--~A
content-length: 0

GET
H2

200

sync
sync.navdmp.com/ Frame 6690
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=OtNC_FUY

6 B
81 B

143ms
142ms

Image
application/javascript

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=OtNC_FUY
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e9022801a6923af-ZRH
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=OtNC_FUY
date: Wed, 09 Mar 2022 01:46:04 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a013-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6690
Redirect Chain

https://sync.1rx.io/usersync/krux/OtNC_FUY?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/krux/OtNC_FUY?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1646790363978
https://sync.targeting.unrulymedia.com/csync/RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-f7dcba78-2e7b-4...
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003

0
337 B

29ms
29ms

Image
text/plain

54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=53 t=1646790364
x-served-by: beacon-n017-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003
date: Wed, 09 Mar 2022 01:46:04 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf7dcba782e7b470d8d05897c90d1cbd5003
content-type: text/html

GET getdata.xgi
r.nexac.com/e/ Frame 6690 0
0

GET
H/1.1 200
OK oglobo-footer.css
oglobo.globo.com/styles/ 3 KB
2 KB 229ms
228ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/oglobo-footer.css

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-footer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c036d051096780db5070187516c5277d7f6dc7972d6e92e5b6843c07da4a70a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 15:15:27 GMT
Content-Encoding: gzip
Age: 1074635
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 746
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:44:54 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0657ee8-a1e-5d7fd22cb4d80"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 63839

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
19ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 361ms
361ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3407008794403309&correlator=467993682284138&eid=31065486%2C31060032%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150&fsapi=false&prev_scp=Editora.pos%3DTop%26Editora.random%3D3&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646790363941&lmt=1646790363&dlt=1646790358657&idt=5094&biw=1600&bih=1200&oid=2&adxs=315&adys=178&ucis=1&adks=3847855073&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x180&msz=970x150&fws=0&ohw=0&ga_vid=564303274.1646790363&ga_sid=1646790364&ga_hid=766574652&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

995a902ab7eae0199110bcc4cf7ee14ecd7e0e4fc1e06854a9f1d6c08839755b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9025
x-xss-protection: 0
google-lineitem-id: 5770128229
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360598294
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 410 B
251 B 59ms
58ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3407008794403309&correlator=2813995658609590&eid=31065486%2C31060032%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&fsapi=false&prev_scp=Editora.pos%3DDhtml%26Editora.random%3D10&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646790363946&lmt=1646790363&dlt=1646790358657&idt=5094&biw=1600&bih=1200&oid=2&adxs=800&adys=5498&ucis=2&adks=506899097&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x5754&msz=1600x30&fws=0&ohw=0&ga_vid=564303274.1646790363&ga_sid=1646790364&ga_hid=766574652&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

095714e1c7381ce265f55b3207d9b283e4be9c54f04a032492446b57d70ac788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 285ms
284ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3407008794403309&correlator=2446301732807180&eid=31065486%2C31060032%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&fsapi=false&prev_scp=Editora.pos%3DVitrine&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646790363948&lmt=1646790363&dlt=1646790358657&idt=5094&biw=1600&bih=1200&oid=2&adxs=315&adys=5112&ucis=3&adks=1132514348&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x600&msz=1600x300&fws=0&ohw=0&ga_vid=564303274.1646790363&ga_sid=1646790364&ga_hid=766574652&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bb4c72cf5bc8902eaced7d116901672f8a464c48de75e29f62c1337064fa471

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9045
x-xss-protection: 0
google-lineitem-id: 5770128229
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360598297
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9EE0 6 KB
4 KB 59ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 01:46:04 GMT
expires: Thu, 09 Mar 2023 01:46:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
usergate.globo.com/ 30 B
360 B 944ms
233ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

10315a735324e488fb19426cad06c53dd929c8475d87b3d5fe23d235dfe2f736

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 cl0iwgoot503ada59nk Show response
scoring.deep.bi/score/EJntYTLE3eKP/ 2 B
196 B 285ms
285ms XHR
application/json 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/EJntYTLE3eKP/cl0iwgoot503ada59nk?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e90227fcc2fcc4a-ZRH
content-length: 2

GET logos.svg
oglobo.globo.com/132/images/ 0
0

GET icons.svg
oglobo.globo.com/132/images/ 0
0

GET logos.svg
oglobo.globo.com/132/images/ 0
0

GET icons.svg
oglobo.globo.com/132/images/ 0
0

GET
H/1.1 200
OK site-header.js Show response
oglobo.globo.com/scripts/ 3 KB
2 KB 229ms
228ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/scripts/site-header.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-header.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

68fa51098bed0736c2c45bdcb8e5b0bad02b2e5a35b4abecdeeb34876bd5547b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 15:15:18 GMT
Content-Encoding: gzip
Age: 1074645
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 821
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:42:44 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a04ccbb7-d1d-5d7fd1b0ba900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 111288

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 3 KB
1 KB 52ms
24ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z

Requested by

Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56ac92d584b8c536b4beb40c42d57794f15bd69a2b4d146c883bb9736603d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2759
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C5gdg8rcdHw
wn: prod-exp-10-0-112-65
last-modified: Wed, 09 Mar 2022 01:00:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6e9022804e8c2373-ZRH
expires: Wed, 09 Mar 2022 02:16:04 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 275 KB
80 KB 33ms
33ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 59287
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2Y6RXJMF28ZFXZVV
x-amz-id-2: WcSnSNDFZlWhQqgQm0Q8/m3MqlLBQ5gsk2WPSgQxsGxPbGbyTMrTA4PoFIHmikj9LV3M1DFfO6o=
last-modified: Mon, 28 Feb 2022 15:07:54 GMT
server: cloudflare
etag: W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6e9022807ea82373-ZRH
expires: Wed, 09 Mar 2022 05:46:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FF6 0
0 50ms
50ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgVl52UYe4ljLTUOFWu-7lwBkuTvTQWDVR9MjdaDnjYHGk9W0Ld54BJaI-pdcNMQB1Y5IHkOloUQPVQz4Nh5SGv0EU-1rpsP6_K0CgaTevZT4ndJKi4AJPEK0C7LhJ6_J2tLahvwvlh7uLhFRCzZPeWl8q9-eftvPnbDe0QL1d6_n3kS80372B8znzw6aCYmOE1vljA6u8_p_60fqBlN9N8SlPqsvfGKhh1IMmwbD5_I9YEpNw85Lw_Jn7Dz6T7vtRcozpu7a-r1F01V3-o4oKnwkakbHUJ9tTpYiddoEtmnHJgro2ZAsk1R5qvHqNyIOJen3JwQ&sig=Cg0ArKJSzErOczlUfAxWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6FF6 81 KB
27 KB 21ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6f909e39a92f09d0cf3e2c8deead669dfb5ec406e2ebd84f6a9e2b81ac61b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 416 of 1000 / last-modified: 1646780773"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame 6FF6 382 KB
114 KB 64ms
19ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4c8d444e35efe34f5086ccc017f24bbb2806bc086220a70f4861aa79a36568e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:14:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1472-5f935-5d2c071e17d7e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=170339
accept-ranges: bytes
content-type: text/javascript
content-length: 115846
expires: Fri, 11 Mar 2022 01:05:03 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame 6FF6 12 KB
13 KB 414ms
120ms Script
application/javascript 52.216.143.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Last-Modified: Tue, 22 Feb 2022 21:49:42 GMT
Server: AmazonS3
x-amz-request-id: ED82CRY5P4KZZ4HY
ETag: "b7fc2ea65d2d03573f36101d7316ada7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12596
x-amz-id-2: Y4z7o3UGdL1i6xEyiszfSZdeENPM+KXi1Li60zHE/dXufD9If8m8u3Zm5fla+Hl4Lt4yz1BWQlI=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FF6 124 KB
39 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6FF6 364 KB
122 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 22:44:19 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
310 B 24ms
24ms Script
application/javascript 2606:4700::6811:b7b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b7b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d76ceb2de69dd5fc2e60901367522ef328efe5b6e188568e4f725837c8a9ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 89
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cbifg8rsv2f
pragma
wn: prod-dash-10-0-138-59
last-modified: Wed, 09 Mar 2022 01:44:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.004
cache-control: public, max-age=1200
cf-ray: 6e902280eee12373-ZRH
expires: Wed, 09 Mar 2022 02:06:04 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 48 KB
6 KB 167ms
140ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e3be90297384c2b8d8f1d23307e2fe1b28883616b860fda09d316e365757a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: uq5xyj0qni
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e902281299c0229-ZRH

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F88 0
0 55ms
54ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYeoNRwWsltwQcnbjQ3zQoFK49FoDadfzsG2wV0N7hw4qCde_BcfguJKhvARIBdT9aLy8oPHCb7HLqKdffzBUa3Rs5gpHgC5QPpmtKTghCVnQ_tlywXh5KKuxtCbsLtJMxcUPQ3umO4bNN3cV3VLEaxmTHubhXyAesQbYqZYohjyCGUaG3QLK-ZajGMqNwUpV86Gh73LzfZ0y9oPjyZdeWr5qTw6HH41qoqUFA44Ep0qaeiOolAAKrDHode-5DwaVOZo1mdw2Wtco5FiAmo9oxIPIRy5yB7QKhDcZxzf-TKFc6aXtWyKZ7R9JfsEM9u_En4U6yrA&sig=Cg0ArKJSzG6KJ2fnk7C1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9F88 81 KB
27 KB 16ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 191 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame 9F88 382 KB
114 KB 34ms
33ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4c8d444e35efe34f5086ccc017f24bbb2806bc086220a70f4861aa79a36568e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:14:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1472-5f935-5d2c071e17d7e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=170339
accept-ranges: bytes
content-type: text/javascript
content-length: 115846
expires: Fri, 11 Mar 2022 01:05:03 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame 9F88 12 KB
13 KB 412ms
118ms Script
application/javascript 52.216.143.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Last-Modified: Tue, 22 Feb 2022 21:49:42 GMT
Server: AmazonS3
x-amz-request-id: ED8B66J8G873J35B
ETag: "b7fc2ea65d2d03573f36101d7316ada7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12596
x-amz-id-2: m1ANQRXsNGSGjNBdhpjhCUiVTFOJnVVqq7LVWhieCDiEX7awUI3uHWISAYQaH+yJoOsKqKLSuVI=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F88 124 KB
38 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9F88 364 KB
122 KB 7ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:48:30 GMT

GET
H/1.1 200
OK 4.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 11 KB
3 KB 228ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/4.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 3c03ea842496b5ce2c307a811ce2417847ee4b58436c2c652cfc027b83d0b1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:24:25 GMT
Content-Encoding: gzip
Age: 1298
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2715
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0533595-2d6d-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 4490

GET
H/1.1 200
OK 0.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 20 KB
6 KB 229ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/0.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 7bb6ec6d26f794ab8fc3186182563ede1fbdca9a4f8ba7683675677f4d8919eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:23:35 GMT
Content-Encoding: gzip
Age: 1334
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5297
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0438763-4f5e-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 4864

GET
H/1.1 200
OK 6.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 457ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/6.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 27f86cb6d0e6ce5790d72abf17446027d5afca9b72661f7658923efd376c2b3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:26:00 GMT
Content-Encoding: gzip
Age: 1204
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1453
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a061a4c7-1157-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3591

GET
H/1.1 200
OK 2.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 457ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/2.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: fa05d2dd8dde6a40e518c7d8f5c54030e6f2c41eb8c2b406c63a8d541c2a16b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:28:59 GMT
Content-Encoding: gzip
Age: 1010
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1479
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0582e6a-113d-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 1480

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 589 B
844 B 182ms
153ms XHR
application/json 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ccb247397abc3e31b52a1f27073ff1542c8cefd01c0f30e9952557438802a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cskfg8rCCTm
pragma: no-cache
wn: prod-dash-10-0-117-181
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.004
cf-ray: 6e9022824eedcc62-ZRH
expires: 0

GET
H3 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame E7C6 9 KB
4 KB 174ms
142ms Document
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f3c1493a3f00416d2c563dc069b0b2f1daa3843be7819850af2b9c4b609e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Wed, 09 Mar 2022 04:46:04 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.011
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-85-35
x-forwarded-https: on
x-request-id: Cskfg8rrN4i
x-xss-protection: 0
cf-cache-status: MISS
last-modified: Wed, 09 Mar 2022 01:46:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9022825bea23f7-ZRH
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=766574652&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Exibicao%20Register&el=showTemplateZKP87MWQMNO1814&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=564303274.1646790363&tid=UA-51216819-1&_gid=300585408.1646790363&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=564303274.1646790363&cd82=responsivo&z=277817595

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 02:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82758
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
499 B 29ms
29ms Image
text/plain 54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NBK4rYWm&event_type=default&acao=Exibicao%20Register&categoria=Piano&rotulo=showTemplateZKP87MWQMNO1814
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=132 t=1646790364
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 200 oglobo
horizon-track.globo.com/event/ 0
177 B 330ms
110ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-track.globo.com/event/oglobo

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0JT61f62sI7jBlxE

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 6FF6 134 KB
36 KB 23ms
7ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 357
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1G7XE12547NPW9G4CZJ3
date: Wed, 09 Mar 2022 01:40:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YAu4RbNf4TsfHhD_btkIRfZS1imyVnOFY2XSqa79EAK8_vhMjgUIvw==

GET
DATA 200
OK truncated
/ Frame 6FF6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72c062826f8e06627a0e607ac386093d5fdfee0d8791c8d238dadaf4821243e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6FF6 138 B
979 B 13ms
13ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

nginx/1.17.9 /

Resource Hash

aacef1a37003d77a7beea06c01bcdbf8b0028da074b91bc0d38048675439428f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bebe9dfd-fc27-4197-a163-353cea6e1d20
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 6FF6 0
121 B 1768ms
43ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 6FF6 338 B
491 B 33ms
17ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 67c6a206abbf18f268d434fcf523828f77ef00358e962d176ec7212c9ee777b7

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6FF6 433 B
896 B 63ms
63ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tg_i.pbadslot=138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=19bb4f23-52be-4afd-ad7e-851f972a7a16&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7160467918637867
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: da2ab94964b6350b4f0fbea545418356732f0567355dd9167c7fbfabb107601b

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 433
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 6FF6 24 B
527 B 51ms
17ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 5bf557acca623db1953ebb3f8533ee8a9cc7ed3b3fdc0b3173d734d859119dcf

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:04 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame 6FF6 368 B
607 B 101ms
40ms XHR
application/json 34.240.93.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.970x250.inter,ss:%5B970.250%5D,p:/138871148/oglobo.globo.com.dw.970x250.inter%7D&wr=970.250&sr=1600.1200&url=https%253A%252F%252Fblogs.oglobo.globo.com%252Fmalu-gaspar%252Fpost%252Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dnewstarde
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.93.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-93-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: de92a7f5be906d1e35d1d0864029692b91f51c21ec02fe5cac3aa658b213225f

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
x-server-name: app06.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 672 KB
46 KB 23ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 249c8ab2d1004786e46c0d2245aee3fb6b334ad8b57b1c1c197f7380b395ca12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ME05YfV7Xk3nk5JDqlL6_a_jd7tUPJMD
content-encoding: gzip
etag: "9ad7374eae85eff3cd67b30ac92926c5"
age: 66
x-cache: HIT
content-length: 46716
x-amz-id-2: xnIZ/e74sa8VJOBimVE4HSKxOaQ3zHcYLBSp4nFoSawJFkjO0di5LLAbN8PSZIT/jZS0YJN4JrU=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 11:17:55 GMT
server: AmazonS3
x-timer: S1646790365.741206,VS0,VE1
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding
x-amz-request-id: 2DBRJXV7WFFCA6KK
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 59
x-cache-hits: 1

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame E7C6 33 KB
6 KB 30ms
29ms Stylesheet
text/css 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4583
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-130-253
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"33843-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6e9022839c4823f7-ZRH
expires: Wed, 09 Mar 2022 03:46:04 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame E7C6 30 KB
8 KB 123ms
121ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=pt_BR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cskfg8rNkWw
pragma
wn: prod-dash-10-0-85-35
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6e9022839c4923f7-ZRH
expires: Wed, 9 Mar 2022 20:46:04 EST

GET
H3 200 platform-translation-map_pt_BR.js Show response
buy.tinypass.com/ng/common/i18n/ Frame E7C6 145 KB
40 KB 31ms
30ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_pt_BR.js?version=14.98.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ceb4e4276ef52ab6c3f1c5a3b58745b325829dab7db3b137a755464bead104c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 36281
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-117-181
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"148640-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6e9022839c4a23f7-ZRH
expires: Thu, 10 Mar 2022 01:46:04 GMT

GET
H3 200 H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA Show response
buy.tinypass.com/_sam/ Frame E7C6 520 KB
156 KB 145ms
144ms Script
text/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=14.98.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe32546d5169b23c05f7018503ecaae96b14615980dea18cc0c825f535bb683

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-115-10
last-modified: Fri, 04 Mar 2022 11:39:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=604800
x-optimized-by: _sam
cf-ray: 6e9022839c4b23f7-ZRH
expires: Wed, 16 Mar 2022 01:46:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame E7C6 3 KB
1 KB 48ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e801d929d36bbebe0459ab81315d374567394b4da357a1e68e4d08ac6946c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 01:46:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 01:46:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H3 404 style.css
buy.tinypass.com/checkout/template/ Frame E7C6 0
0 29ms
28ms Stylesheet
text/html 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 6e9022839c4c23f7-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 09 Mar 2022 02:06:04 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 44ms
43ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=47185968894

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
899 B 384ms
360ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398994&size_id=15&eid_pubcid.org=5e3973f6-7c15-4294-a773-c250da425a70%5E1&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=info.web.oglobo&tg_i.page_name=post&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-retangulo.*&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo&tg_i.pbadslot=85042905%2Finfo.web.oglobo&tk_flint=dmpbjs_v5.20.0&x_source.tid=0add20df-92fb-4a29-90e3-8676b252ca3d&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.32073355444522433
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: cdb673d2b72cf41033ca05e225ee82fec70d09d86ac19530d2df1f5fd55fd7a7

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 436
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
6 KB 156ms
156ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a739c552edca5e4351e2918d648480fcd87175c45fec5887b8ebda2ca84a8fe0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1053b2d0-c801-45e9-ad52-d8b336f7ef45
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 75ms
75ms XHR
application/json 81.17.55.160
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.160 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
19ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 39ms
22ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 237ms
236ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3407008794403309&correlator=3270235606921210&eid=31065486%2C676982996%2C31060032%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x360%7C640x480&fsapi=false&prev_scp=Info.MatID%3D291505%26Info.Entidades%3Dwaldir-ferraz%252Cjair-bolsonaro%252Cisencao-de-imposto%252Casa-delta%252Cjet-ski%26Editora.random%3D8%26Editora.pos%3DInread&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3Db7fd25f58653e3a1%3AT%3D1646790363%3AS%3DALNI_MbCSbspQ_GfjZ5sq8O2JV8HTGF06w&abxe=1&dt=1646790364738&lmt=1646790364&dlt=1646790358657&idt=5094&biw=1600&bih=1200&oid=2&adxs=455&adys=1413&ucis=4&adks=112552219&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=620x3587&msz=620x360&fws=4&ohw=1600&psts=AGkb-H-cKiiR-wJghEkQYcuPVmU67Fl9uxuy-HLBKM7u1zXH42DGLGNN49DMCMQoDctOHBm7bG8rDqH17IehNAY%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8HBD-RsOd0JQdSBfskQtS4kbaGrdee2-zw3WTF6T7Zfup-X4R8NVDDXvyFkDsdf9JA9btXwu93jb1H3cQ&ga_vid=564303274.1646790363&ga_sid=1646790364&ga_hid=766574652&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f58b8d85a54ae050a87636b909bb0692b3345e143c4b42ac51febe83eb4743b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10562
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 6FF6 385 B
747 B 9ms
8ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
age: 3742
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 385
x-amz-cf-id: 75M6aN25i5K5o8aaPX2pwmECzfq3EnmqPNFXHpD4tJqz_ZEkP9xrWA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 6FF6 6 KB
3 KB 131ms
114ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: t1j7LiDB7HoyLdsCJmuUv7PjE4BNMCx9MPRLwYcGc5gdOeJUBWtTCA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FF6 0
0 46ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-23CFgJKvgZgPTpNR4K5L1IS7G4pssiDWNh0dCcZcsJGmb_L9wKfnOSoQts3Jk9uAg6eGuw6CPvJaJ80wEwBDN-Cn440SIjmkh3Ymoo91TllismN7ZeZUbNY9aEG6VT7Eyl1dI9fsWFw0l09btumC5Pk5JgA1i-ANT7cwCf1QlzzTzdKMzGBIZUNlek-qS79mMb28aL_HQerLbIlhI5AIcQOILG5w1HPG5MJrjpPwWMOs7NRcTSArWdTQ6acUwncbwoR8JsLDc6ttGdo51lWo0w5wBK_4pZzbK7_J5-LHzXgXJyXbt-IrJKOJT3Hv2ULEXn1uDCPe&sig=Cg0ArKJSzLKExlAxFI46EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9F88 134 KB
36 KB 10ms
9ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 357
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1G7XE12547NPW9G4CZJ3
date: Wed, 09 Mar 2022 01:40:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SdEST-LhRDlbgwLg4tAzzxej3P3dHSTnpzX5f--iL5ly2BqATC3lvg==

GET
DATA 200
OK truncated
/ Frame 9F88 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8884bfe29bd8f5b2dc83f7ef02abf42de8bdae56a3c15688b86f52fcf1c2599b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 6FF6 38 KB
11 KB 38ms
18ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:02:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 981501826

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F88 144 B
1 KB 90ms
90ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9637e4d8bf57601d7bd87cf987866f395c71006b5094b8c19de21ddca970918e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c669df94-277c-4d3a-aedf-a3176e190f80
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9F88 429 B
892 B 80ms
71ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.728x90.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter&tg_i.pbadslot=138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=1f395c62-2cd9-4bb7-9b0a-940a7893108c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7680693995625152
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2a920d78580ae3ab1fd54098d4e48b3fa940555bcb9176f07c92e0be532d662b

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 429
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 9F88 0
65 B 1720ms
55ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 9F88 24 B
527 B 16ms
16ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: fab3b54fd6cf76ec9505a2b9458570b329aad6c60562eea3eb97eb670b846947

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:04 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H3 200 prebid Show response
prebid.media.net/rtb/ Frame 9F88 338 B
273 B 25ms
16ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf663626ba4a22c05f9e3387b1ed3810fa1df148bede5d1d5aa3f17db63ca0bf

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame 9F88 348 B
586 B 45ms
40ms XHR
application/json 34.240.93.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.728x90.inter,ss:%5B728.90%5D,p:/138871148/oglobo.globo.com.dw.728x90.inter%7D&wr=728.90&sr=1600.1200&url=https%253A%252F%252Fblogs.oglobo.globo.com%252Fmalu-gaspar%252Fpost%252Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dnewstarde
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.93.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-93-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 917f4ccf581101aefb216ce29a6031db5899f41500f7ce6fe48650a393ec0d8f

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 impl.20220308-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 620 KB
128 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 264bcc8863beaf40bf3925f2787d6ac9ca7aee6a7fd4499b210411c6a600750b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kP1wtQZbp_5n0.4jM3VAvO62mKA3AVe2
content-encoding: br
etag: "7b01dd63e9ac6d00cb7e3596fbd2a4d4"
age: 26204
x-cache: HIT
content-length: 131175
x-amz-id-2: ABVEkOdalCKNSGXgTuAj6dceOyUzLKfLdF4KzVrDE3KlPSBmt9Wsl5GhwVEJK2vCJ6+Rl1zo2Ow=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 10:23:44 GMT
server: AmazonS3-br
x-timer: S1646790365.811371,VS0,VE0
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding
x-amz-request-id: 66QEGC2GJNZGEKD4
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 21415

GET
H2 200 load.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 5 KB
2 KB 30ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af38286fa634519ab80524b90b1e992febefc15923c89b1663bcd46dfee2c383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: gUgj3C7AZJFMWF2Nwsx5cjlAkNxfoKpr
content-encoding: gzip
etag: "061b43bac53a5e78578ef76be22c651a"
age: 138
x-cache: HIT, HIT
content-length: 1576
x-amz-id-2: J7jysAF5dqakr5BCaIOmw+UclAJPBlcQ/GwPxqNliuleEDvlsI3UAOkd0Zgm3iQJLcofMnvD9+k=
x-served-by: cache-lax10679-LGB, cache-hhn4083-HHN
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1646790365.833364,VS0,VE1
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding,,
x-amz-request-id: 8ZDV5ZEEQAZJRFBP
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 16ms
15ms Script
application/javascript 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 03:59:58 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 78367
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 5gm_XqF6eRI9P0uEiQ8J_85ZRS8EB2yMg3wkENDTzNwObzu5dF-ibw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9F88 385 B
748 B 10ms
10ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
age: 3742
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 385
x-amz-cf-id: ZkScxNuWGhRG9QjFamb2cqyLMrR-TokG3awKmaBQ5SFhku6HnSFkMQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9F88 6 KB
3 KB 39ms
38ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: 6Ci4xcdMZZ-0ZoQG8cOUYIcaQKiH5ASOaosExFzhJlBctKVc9-YS3A==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9F88 0
0 44ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjMra4wDKVDgPE78a3iPmQ-kC2HiyH0vNz5teFJSl9kP3N0VZysMt_1T-xmguv4eOhTKjZQmimlDFIA5-E1EZt-8WZhM2KN1ZFmf6_PF_CNzjCS7PzCntaxhdrT2cjG04n088cmVEOAWWjdFM9z5XfORv9LuhoQLXzlc1eY7SJbAS8P2vL2v2M5nVg6dGlsDOwBkKBWA_lauKtb-n-Xd-vS6qgQDq2v6YFQdSgEZ1r4IhxQyBO6kJlTMaRFwLDvE2PsLFbCEi3snWFxhmyyDQlOa-tNFVQpSzBU3s5roFsq0YwjtkB8kFLfGoBDCGcFsnlVWC32yUc&sig=Cg0ArKJSzH8niPFYG0O2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:04 GMT

POST
H/1.1 200 996.json Show response
id5-sync.com/g/v2/ Frame 6FF6 213 B
540 B 37ms
9ms XHR
application/json 51.195.5.40
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/996.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.40 , France, ASN16276 (OVH, FR),

Reverse DNS

p17.id5-sync.com

Software

Resource Hash

926c31baf0a2f19165dfb12da2b138451de262bc8dc73051f0e6629f409f13e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Date: Wed, 09 Mar 2022 01:46:04 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 9F88 38 KB
11 KB 11ms
11ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:02:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 981501826

GET
H2 204 b
sb.scorecardresearch.com/ 0
335 B 12ms
12ms Image
text/plain 13.32.121.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1646790364867&ns_c=UTF-8&cv=3.5&c8=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-37.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: SqlME8FAz-K0MhXagCJd0-qD2dEikuDOs_kQQNFif2GjX-zw2wCcLQ==
x-cache: Miss from cloudfront

GET
H2 200 pmk-202010011.6.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 99 KB
27 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.6.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b383f17092354aea8e8598be6d4d8acb0de6a35b1f69620e85da57045197522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Dj133TGBylNn2devt9Fgqn4nkuTE2sRn
content-encoding: gzip
etag: "a3a81c61409dd6a1e8ba2cb105c53a4a"
age: 6073127
x-cache: HIT, HIT
content-length: 27703
x-amz-id-2: /hXUUPkGjax214+W9IPhoIb91DcgIyAcPR21KEDT3QLsugmoD2/zq7JEYbnPwWtxpBVJqxkj3Oo=
x-served-by: cache-sna10749-LGB, cache-hhn4083-HHN
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1646790365.871642,VS0,VE1
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding,,
x-amz-request-id: 3Q1J8VC8V668WEJV
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 card-interference-detector.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5c64635b8d1e030b028e16cdf9b952023561d795c481cbbdba8d1f045536f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: r.PPJF0qU3b2ANopBPtuzGn2Uv_tj238
content-encoding: gzip
etag: "a9b2b9bf25d334745ec477c0083123ec"
age: 61
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: iOh/AR7cUapE3/kUyAxgzDaOpk5dt/JO88bi2RbfYwvhiHap0eMkpxWZy9Pi8iTxrZh/CMZ7oss=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 10:34:26 GMT
server: AmazonS3
x-timer: S1646790365.887032,VS0,VE0
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding
x-amz-request-id: BKEEEP3Q0G3KJX3Z
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 7

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-oglobo/trc/3/ 23 KB
7 KB 375ms
372ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?tim=01%3A46%3A04.890&lti=deflated&data=%7B%22id%22%3A989%2C%22ii%22%3A%22%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1646738240796%2C%22vi%22%3A1646790364889%2C%22cv%22%3A%2220220308-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5563%2C%22qs%22%3A%22%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Page%22%2C%22orig_uip%22%3A%22Below%20Page%22%2C%22cd%22%3A4791.90625%2C%22mw%22%3A1536%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4601.90625%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%2C%2CBelow%20Page%3Dthumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50cf3a610ab357be825668390c40809fb3c33a9424517dd4bbcff819a4bfd730

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 366
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
server: nginx
x-timer: S1646790365.896673,VS0,VE366
x-served-by: cache-hhn4078-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
90 B 47ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A04.887&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-recommendation-reel%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=1850&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13356

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 47ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A04.887&type=error&msg=Invalid%20container%20provided%20for%20request%20Recommendation%20Reel%20(null)!&llvl=2&id=5550&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13356

GET
H/1.1 200
OK conteudo.json Show response
oglobo.globo.com/api/v1/ultimas-noticias/politica/ 19 KB
7 KB 405ms
405ms Fetch
application/json 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/api/v1/ultimas-noticias/politica/conteudo.json?tiposDeConteudo=materia,materiaEmCapitulos,fotogaleria,videoGloboCom,listaFatos

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/carousel-oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

2a10fe59edbe0c20e346bec1ccc69a3aadbe5519ff24f0ef422ea6a85951591b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:04 GMT
Content-Encoding: gzip
Age: 0
grace: none
X-Cache: MISS
Strict-Transport-Security: max-age=15768000
Content-Length: 6028
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: max-age=177
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 09 Mar 2022 01:49:03 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ Frame E7C6 32 KB
33 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:33:29 GMT
x-content-type-options: nosniff
age: 540755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:33:29 GMT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame E7C6 60 KB
12 KB 27ms
26ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.98.1

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=14.98.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 59287
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-120-13
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"61519-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6e9022851cb623f7-ZRH
expires: Thu, 10 Mar 2022 01:46:04 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame E7C6 39 KB
8 KB 129ms
129ms Script
application/javascript 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b078017f3a5881d5c8af75f15f00b363c0c7d3e6677981eb293e296e869a85b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Ctkfg8rSBPX
pragma
wn: prod-dash-10-0-128-220
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6e9022851cb723f7-ZRH
expires: Wed, 9 Mar 2022 20:46:05 EST

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame E7C6 2 KB
3 KB 25ms
24ms Image
image/png 2606:4700::6811:b9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
cf-cache-status: HIT
age: 6361
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-123-199
last-modified: Fri, 04 Mar 2022 11:52:10 GMT
server: cloudflare
etag: W/"2177-1646394730000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e9022852cbf23f7-ZRH
expires: Wed, 09 Mar 2022 03:46:04 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032202142035000/ Frame 6741 220 KB
61 KB 67ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b542a306fd479c837bb7608bda059dcb4c0ea9b15a375844cbf4456fd722cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 76106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61669
x-xss-protection: 0
server: sffe
date: Tue, 08 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c6361ffdd039ea"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 04:37:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 6741 16 KB
6 KB 78ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 76106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Tue, 08 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 04:37:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 6741 96 KB
29 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 76106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Tue, 08 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 04:37:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 6741 5 KB
2 KB 78ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 76106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Tue, 08 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 04:37:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 6741 42 KB
13 KB 79ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 76106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Tue, 08 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 Mar 2023 04:37:39 GMT

GET
DATA 200
OK truncated
/ Frame 6741 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6526a9174275f8abd0f89de792487e9698dfd3098b940531b42f71f0507384ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2903146694458180321
tpc.googlesyndication.com/daca_images/simgad/ Frame 6741 97 KB
97 KB 31ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2903146694458180321

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8d88aa7033d4160b7b5fb6f050a6d4df287be37aba83cfe6d2a278af8b04fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 10:52:52 GMT
x-content-type-options: nosniff
age: 399193
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98863
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 01:02:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Mar 2023 10:52:52 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6741 3 KB
3 KB 31ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 13:28:11 GMT
x-content-type-options: nosniff
server: cafe
age: 44274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:28:11 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6741 344 B
807 B 30ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 31620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6741 0
0 17ms
17ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvHRGpff-E4LoZ2bXFm-fOLadO6hyFu9Wp5wS1MCh1SOn2PnooriuhRX9oJeIGndTTunhaZd8voBnjJOag5QQmDl22XQ
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6741 0
0 53ms
53ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CT4-Q3AYoYvnvL8jG7_UP-b6_0AiTipL2ZvHTo7q1DL7Jk5CoDhABIJeX-CBglYqDgpgHoAG14-u6AsgBAqkC7ao22HVLsj7gAgCoAwHIAwiqBP8CT9AUhcXGo3-bonLrxou5aCg88Zy1ZFvH79TYjTPv1YEZPNbu3imZCM9iZdZxYFDm-mafyVMv-Z7sgaW9NHrnTkfQ_bBDWrF0CxrBQBcYg998YNbNDAbhYy6CP87SZJ5iCHqCF1wIsYiU059xKpwBibBC8Sy9Tp0Sib4aG9UUb8ierMOxXj8cwlKT0nd6UL_lQVHmqE8xHNYv-VbuYs5U2M29_lnbOHV1dLO3FMcgjzRupiwQxoZ9WhL1ZraYXLPcGKH2V_eY7TMYLuwDzbmNVjUIBXPTQ1ifwCh45BGw8_aB1pO9l0Q5eW8ICQX2TJD__Tu982cqZ2_zqGp3AXlDQk_OMADOmItvSbMmrzUVfrlb4p6nFL0eAXTgTq5_5W6-tK947fiF7ZOXN3rKsGXC5-RdzqXUsKCP__pOnuBL2XextORl908AcdQNVAScJryW8WwTSCrjgt7Adp-k6AXBPbPZwESyydtNIl3p8MS2xm0EfjSRZBiHmmJJlljbcQPABO7hpdj2AuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeznJTFAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOGlNdIICQiA4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi04ODI4NTg3MTQ5NDczNDM3GOHzIA&sigh=sp0mFULj2TA&uach_m=[UACH]
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 botao-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 2 KB
3 KB 228ms
227ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/botao-desk.gif
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 87ef5ff1e76b7444b170bc854ef7e22adabef01f30050760e757a23df4f995bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
x-openstack-request-id: txf8b56a805e58489ca7eb9-006228063a
last-modified: Tue, 08 Mar 2022 14:38:25 GMT
x-trans-id: txf8b56a805e58489ca7eb9-006228063a
x-thanos: 0AB47186
etag: 5add9e21533db7c34316bcb12976d455
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1646750304.33960
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 2429
x-request-id: f6aac8d3-d001-45c8-ab7a-30b4276db4fe

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
12ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=766574652&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=botao%20-%20deslogado_gabigol%20-%20oferta%20-%20og_botao_topo_semcookie_cnsmdr&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=564303274.1646790363&uid=32056618323217689173&tid=UA-51216819-1&_gid=300585408.1646790363&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=564303274.1646790363&cd77=32056618323217689173&cd78=anonymous&cd82=responsivo&z=2024650967

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 02:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82759
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cd
cd.navdmp.com/ 6 B
81 B 145ms
145ms Image
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cd.navdmp.com/cd?prtid=13574&prtusridr=0198335f28098744cf38daf7a3f29921f86788ff
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e9022858c8623af-ZRH
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 200 footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 35 KB
36 KB 225ms
224ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/footer-desk.gif
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2455fe3dab06ba539f999e2ff5fda1d31254de4422ccbe0af7103d8075f76195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
x-openstack-request-id: tx36445f1631b54bd0b8c9c-006228065d
last-modified: Tue, 08 Mar 2022 14:38:33 GMT
x-trans-id: tx36445f1631b54bd0b8c9c-006228065d
x-thanos: 0AB47186
etag: a0724d065a8e1e0d806a9e9880b41c4e
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1646750312.66342
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 36198
x-request-id: 31d6bcff-6093-4c07-9999-f22d80c3bf10

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=766574652&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Fpolitica%2Fblogs%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=footer%20-%20deslogado_gabigol%20-%20oferta%20-%20og_footer_semcookie_cnsmdr&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=564303274.1646790363&uid=32056618323217689173&tid=UA-51216819-1&_gid=300585408.1646790363&gtm=2wg37055NG4R&cd1=%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=564303274.1646790363&cd77=32056618323217689173&cd78=anonymous&cd82=responsivo&z=1303278094

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 02:46:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82759
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stream Show response
oglobo.comentarios.globo.com/embed/ Frame 85D5 3 KB
1 KB 241ms
240ms Document
text/html 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde

Requested by

Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/assets/js/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

86a8a6ae06c94509cacf532a3df94869dcd37ec3b13da3d4d2315681fd1ff724

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://oglobo.comentarios.globo.com https://oglobo.globo.com https://blogs.oglobo.globo.com https://kogut.oglobo.globo.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self' https://oglobo.comentarios.globo.com https://oglobo.globo.com https://blogs.oglobo.globo.com https://kogut.oglobo.globo.com
x-trace-id: aee6a470-9f4a-11ec-83c4-fb586a20347e
etag: W/"b18-R1R6qpoMVz/SXkPIG8xVV9ogThQ"
x-content-type-options: nosniff
content-language: pt-BR
access-control-allow-headers: Content-Type
content-encoding: gzip

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 257ms
257ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3407008794403309&correlator=4440354466228806&eid=31065486%2C676982996%2C31060032%2C31063246&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=85042905%2Cinfo.web.oglobo&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&fsapi=false&prev_scp=Info.MatID%3D291505%26Info.Entidades%3Dwaldir-ferraz%252Cjair-bolsonaro%252Cisencao-de-imposto%252Casa-delta%252Cjet-ski%26Editora.random%3D2%26Editora.pos%3DTop%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D1945ed8c76f332e%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D1945ed8c76f332e%26hb_bidder%3Dappnexus&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3Db7fd25f58653e3a1%3AT%3D1646790363%3AS%3DALNI_MbCSbspQ_GfjZ5sq8O2JV8HTGF06w&abxe=1&dt=1646790365132&lmt=1646790365&dlt=1646790358657&idt=5094&biw=1600&bih=1200&oid=2&adxs=1126&adys=432&ucis=5&adks=2282096486&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x289&msz=300x250&fws=4&ohw=1600&psts=AGkb-H-cKiiR-wJghEkQYcuPVmU67Fl9uxuy-HLBKM7u1zXH42DGLGNN49DMCMQoDctOHBm7bG8rDqH17IehNAY%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8HBD-RsOd0JQdSBfskQtS4kbaGrdee2-zw3WTF6T7Zfup-X4R8NVDDXvyFkDsdf9JA9btXwu93jb1H3cQ&ga_vid=564303274.1646790363&ga_sid=1646790364&ga_hid=766574652&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15f532f197bbddb70ac8590e298a31184dd5fa07779e5c6e5a45b6c009c366c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9492
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6741
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

42ms
25ms

Image
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 2903146694458180321
tpc.googlesyndication.com/daca_images/simgad/ Frame 6741 97 KB
97 KB 26ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2903146694458180321

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8d88aa7033d4160b7b5fb6f050a6d4df287be37aba83cfe6d2a278af8b04fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 10:52:52 GMT
x-content-type-options: nosniff
age: 399193
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98863
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 01:02:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Mar 2023 10:52:52 GMT

GET
H3 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6741 3 KB
3 KB 25ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 13:28:11 GMT
x-content-type-options: nosniff
server: cafe
age: 44274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7735524722462771930
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:28:11 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6741 344 B
368 B 24ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 31620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 09 Mar 2022 16:59:05 GMT

GET
H2 200 tb Show response
15.taboola.com/ 39 KB
12 KB 25ms
24ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&encoded=1&uid=653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c&variant=-100|1786072086&callback=TRC.videoTagCallbacks.videoCallback1&cb=1646790365283&tagid=&cntry=DE&platform=1&sesid=160b5bda917f326cbfbda7754bc9a97b&itemid=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&viewid=1646790364889&geolat=&geoing=&deviceifa=&appid=&sd=v2_160b5bda917f326cbfbda7754bc9a97b_653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c_1646790364_1646790364_CNawjgYQlv9JGNmd6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ri=cf8a7d6f1f5007cea7b78e85303bdc7e&appname=&cdb=&gdprApplies=true&rid=&sii=-7425918557199498964&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd265e6687b94f17976f707dfc5011f513ed1337e4cb9af15b7d08cdcce86e32

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
access-control-allow-origin: https://blogs.oglobo.globo.com
machineid: 1482
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4078-HHN
pragma: no-cache
server: nginx
x-timer: S1646790365.287150,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6e79bf1b6e44369cb8bf4ef51ccff33fa0cbccc91a7c926af2c9d60a61764a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JD743vX5kFv8npsEP6QiXfP2J.E5lTtG
content-encoding: gzip
etag: "002d83ece6cd93589f02fcb25223241f"
age: 42
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: 6tPkYm8HLEKBp5rwyCNegemVEGBcSP9x+vfuKF+/JZpz3KqNLoZxwOkJs0dHCwl2K/MYClmJVHBZ0VkoqUb3Jw==
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 10:34:15 GMT
server: AmazonS3
x-timer: S1646790365.294819,VS0,VE0
date: Wed, 09 Mar 2022 01:46:05 GMT
vary: Accept-Encoding
x-amz-request-id: 9ZXQ8MNE8XZVA0W2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 7

GET
H2 200 distance-from-article.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35db4870ace7a2a22e381fd7928dac27b0ff0aa58f6aa3511e86e4124c7414ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ifZ0puQf_6XfnsmpNjNUpGn_TiO4MT.q
content-encoding: gzip
etag: "d16fa9e2ab2b5c2209a0b7c92f32b6c3"
age: 63
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1006
x-amz-id-2: OWwTw2WFBEFcsnIw/DFUXr6m2MwcuUwwbVr+wfZAIlO7zcOuc2hpD4SE1MueKQBiQuF9876MO5Q=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 10:34:22 GMT
server: AmazonS3
x-timer: S1646790365.299298,VS0,VE0
date: Wed, 09 Mar 2022 01:46:05 GMT
vary: Accept-Encoding
x-amz-request-id: KZTCRKYEATT4NHQF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 7

GET
H2 200 article-detection.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 6ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02cff87bf655f94854cce6621cccc3b0abfd0cf8f370174166cd3236e053ea83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JH9dxUnBOJHPLszTft.LQRof6Y5otsi9
content-encoding: gzip
etag: "213959dc6ce4b946b28c82c3c37722d3"
age: 53
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: wDzFY4k4VzK6c4cZ9lzY5yFn/u15Q21QKtrU4eGN+VxTIUl3Mhwm+j1gVgj2i5/2q5da6P2UX58=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 10:34:31 GMT
server: AmazonS3
x-timer: S1646790365.299391,VS0,VE0
date: Wed, 09 Mar 2022 01:46:05 GMT
vary: Accept-Encoding
x-amz-request-id: 6DPGHSQ4YG79DS08
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 3

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
578 B 8ms
8ms Stylesheet
text/css 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
etag: "1802e318f880ad7e5c7030e9da649cf6"
age: 7129
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: hqmZShdkcFAlleVmrQTHL0lWM/rrhS/SE+W/uFCvCiwbKRLyTvid0jYcNFqWos5WWw06X0Kut4s=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-timer: S1646790365.304296,VS0,VE0
date: Wed, 09 Mar 2022 01:46:05 GMT
vary: Accept-Encoding
x-amz-request-id: SM6CAHYDHVK1WBW2
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 18
x-cache-hits: 1

GET
H2 200 userx.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: feaa25ab48a4c76f2551eba621ccbee0f8853d342217424128e6d466f3dcbeaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: f1MNXaMkM0ZD5DLdqOEdsF0cDzKQYPWi
content-encoding: gzip
etag: "f474812bd16a86f1fd024898ea4ab942"
age: 4
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5397
x-amz-id-2: X7nKAYnEm5niY9AK5n1QTtaPQdjwIvz+geZbyKxeEl8Cgum9AMwtlja9ysZ+3sNPMJg/kIz1W6Q=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 08 Mar 2022 10:26:02 GMT
server: AmazonS3
x-timer: S1646790365.311615,VS0,VE1
date: Wed, 09 Mar 2022 01:46:05 GMT
vary: Accept-Encoding
x-amz-request-id: DM35GFSZF0820PKE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 1

GET
H2 200 tb Show response
15.taboola.com/ 39 KB
12 KB 34ms
33ms XHR
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Page&uuip=Feed%20-%20Below%20Page&cisrf=&cirf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&encoded=1&uid=653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c&variant=-100|1786072086&callback=TRC.videoTagCallbacks.videoCallback2&cb=1646790365308&tagid=&cntry=DE&platform=1&sesid=160b5bda917f326cbfbda7754bc9a97b&itemid=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&viewid=1646790364889&geolat=&geoing=&deviceifa=&appid=&sd=v2_160b5bda917f326cbfbda7754bc9a97b_653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c_1646790364_1646790364_CNawjgYQlv9JGNmd6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ri=8285cc8cc5945105b3ff2093dd34a5cb&appname=&cdb=&gdprApplies=true&rid=&sii=-7425918557199498964&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ac592bbb3638f9facb01f86e5ffb05826ee91106c9b19a19046e5114a47c57e

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
access-control-allow-origin: https://blogs.oglobo.globo.com
machineid: 1443
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4078-HHN
pragma: no-cache
server: nginx
x-timer: S1646790365.313239,VS0,VE26
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 108
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: dIuPgF32MPZeTv1riDSyCnX4J6DD4HcAbNOGigu/2qjDG9J3qY6+6oya3VXcwS7qL2S4vfAf0bc=
x-served-by: cache-hhn4078-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1646790365.316698,VS0,VE0
date: Wed, 09 Mar 2022 01:46:05 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: ZQ8ND9MMDRQ3FH1S
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 18
x-cache-hits: 6

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A05.296&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=2384&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12975

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A05.298&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=5299&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12975

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A05.310&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=230&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12975

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A05.311&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=3406&cv=20220308-6-RELEASE&lt=deflated&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12975

GET
H/1.1

200
OK

/
d.agkn.com/pixel/10690/
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;sz=1x1;ord=2022-03-09+01%3A46%3A05;dc_ref=blogs.oglobo.globo.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;dc_pre=CNKM_JX0t_YCFRfRuwgdI_gK8w;sz=1x1;ord=2022-03-09+01%3A46%3A05;dc_ref=blogs.oglobo.globo.com;dc_lat=;dc_rdid=;tag_...
https://d.agkn.com/pixel/10690/?che=3894422761&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=

43 B
648 B

46ms
9ms

Image
image/gif

18.156.47.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=3894422761&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Server: 18.156.47.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-47-94.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:04 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://d.agkn.com/pixel/10690/?che=3894422761&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.9/ 100 KB
29 KB 9ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront), 1.1 varnish
age: 564916
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29420
x-served-by: cache-hhn4078-HHN
last-modified: Wed, 02 Mar 2022 12:50:08 GMT
server: AmazonS3
x-timer: S1646790365.330650,VS0,VE0
etag: "fc14dc1b8b9b350592c06408d9365f23"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RdCKEbq5DBy3hPY6ihqU1cl35mclg9o0Z8UZl8QoxXuEC4Wpw3j22A==
x-cache-hits: 39783

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
230 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&tvi2=4948&lti=deflated&ri=cf8a7d6f1f5007cea7b78e85303bdc7e&sd=v2_160b5bda917f326cbfbda7754bc9a97b_653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c_1646790364_1646790364_CNawjgYQlv9JGNmd6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c&pi=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&wi=-7425918557199498964&pt=text&vi=1646790364889&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Sem%20Autor%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2Fel2nXAIMf-MFP1dx9wU0IUt-_fM%3D%2F640x424%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A46%3A05.327&id=5087&llvl=2&cv=20220308-6-RELEASE&
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/ Frame 85D5 229 KB
46 KB 905ms
904ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 863abab1fd939484df7f84b8575be30ff20803e87181e7bbe58af326f26c88ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-openstack-request-id: txb2385be33ab9463da7168-0062193a05
last-modified: Thu, 28 Jan 2021 18:09:30 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857369.24525
cache-control: public, max-age=5184000
content-type: text/css
x-trans-id: txb2385be33ab9463da7168-0062193a05
x-request-id: d5f71b25-5cd5-4bfe-8d81-80f7d15c7536

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/ Frame 85D5 20 KB
4 KB 227ms
226ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a2af5a592426fd686a4cc64be457646d6e304ecc47abbfc0e275817a222cd72e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-openstack-request-id: tx2fc3ed6297a6468393f2d-0062280633
last-modified: Tue, 23 Feb 2021 13:42:43 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1614087762.28886
cache-control: public, max-age=180
x-trans-id: tx2fc3ed6297a6468393f2d-0062280633
x-request-id: 056299ca-f58d-42d2-9080-8d10f82e4c2c

GET
H2 200 vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 85D5 961 KB
328 KB 230ms
229ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6a2bd3dbb70547af90e996b9e9d76cea0df3f1d41149d0428d7ddae5e1c3a6f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-openstack-request-id: txd0451df16aee4b048ddab-0062193a05
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.49511
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: txd0451df16aee4b048ddab-0062193a05
x-request-id: b7696221-f27e-459e-afbb-fcc2de7e5bca

GET
H2 200 vendors~admin~install~stream.8ea2a970d6ce93d9bef1b637c8faae6e.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 85D5 46 KB
16 KB 904ms
904ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~admin~install~stream.8ea2a970d6ce93d9bef1b637c8faae6e.chunk.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 33880cb6848e07fbd0897cfb1868fda7ae729af8da8f3d35e11f578f3e37a599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-openstack-request-id: tx6e072fa9a3194a008dc9f-0062193a05
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.60081
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: tx6e072fa9a3194a008dc9f-0062193a05
x-request-id: 5ece9198-677b-472f-a61e-ac790413a9db

GET
H2 200 stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 85D5 1 MB
397 KB 904ms
904ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 0e26ade64b35613f7f287948f47be3d9381a2b50959a8d9fb88ceeab6437b8a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-openstack-request-id: tx01ac00399a7a4a46bda27-0062193a05
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.26862
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: tx01ac00399a7a4a46bda27-0062193a05
x-request-id: 21a8bad3-9550-4227-a906-00b3618e8431

GET
H/1.1 200
OK Doria-Cidadania.jpeg.jpg
ogimg.infoglobo.com.br/in/25424517-fba-07d/FT1086A/ 103 KB
103 KB 901ms
224ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424517-fba-07d/FT1086A/Doria-Cidadania.jpeg.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

75880d09ff38cbb2c7b7bf594ee7aeffe232bafd491fbda0fd7952bbd3bcedd3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 23:49:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 6992
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 23:48:45 GMT
Server: Apache
ETag: "40169d3a-19ad4-5d9bd9f2677e8-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 620

GET
H/1.1 200
OK Ricardo_Lewandowski.jpg
ogimg.infoglobo.com.br/in/25333320-8db-989/FT1086A/ 43 KB
43 KB 901ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25333320-8db-989/FT1086A/Ricardo_Lewandowski.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f3e652fa25a7130b7b6eb96aab8e3d53c6367004a05c9172b2df12177b0c7963

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 12:21:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 134648
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Mon, 07 Mar 2022 09:01:50 GMT
Server: Apache
ETag: "402e6be9-acf8-5d99d1d6b1bea-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1174

GET
H/1.1 200
OK 97966554_MARIZPABRASILIA-08-03-2022-ENCONTRO-DAS-LIDERANCAS-EVANGELICAS-JAIR-BOLSONARO-Jair-Bo-1.jpg
ogimg.infoglobo.com.br/in/25424309-4fd-ccf/FT1086A/ 62 KB
61 KB 903ms
224ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424309-4fd-ccf/FT1086A/97966554_MARIZPABRASILIA-08-03-2022-ENCONTRO-DAS-LIDERANCAS-EVANGELICAS-JAIR-BOLSONARO-Jair-Bo-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

4e54797d8d66b6ee187527f51105f8d75255222a21c9d50f9df4852fed284306

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 22:14:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 12706
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 22:12:57 GMT
Server: Apache
ETag: "a0619bc0-f901-5d9bc48888fd8-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 11303

GET
H/1.1 200
OK arthur-do-val.jpg
ogimg.infoglobo.com.br/politica/25420652-31f-401/FT1086A/ 126 KB
126 KB 905ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/politica/25420652-31f-401/FT1086A/arthur-do-val.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

61f7487dc941910bd702c2798497b0fa8baecf9d051adfabc468a30b726cd8b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 21:06:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 16792
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 21:04:49 GMT
Server: Apache
ETag: "401bbf0e-1f63d-5d9bb54e11968-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1240

GET
H/1.1 200
OK 96242931_CRISTIANO-MARIZ-PA-17-11-2021-RODRIGO-PACHECOSTF-Rodrigo-Pacheco-presidente-do-Senad.jpg.png
ogimg.infoglobo.com.br/politica/25363831-498-74b/FT1086A/ 26 KB
20 KB 908ms
225ms Image
image/png 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/politica/25363831-498-74b/FT1086A/96242931_CRISTIANO-MARIZ-PA-17-11-2021-RODRIGO-PACHECOSTF-Rodrigo-Pacheco-presidente-do-Senad.jpg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7e2ea1311a5c4eb16c53afafde1377f89694307cacf250d7c06afa3e00b17b7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 20:12:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 19988
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 20233
Last-Modified: Tue, 08 Mar 2022 11:59:59 GMT
Server: Apache
ETag: "4007005e-68eb-5d9b3b8638225-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1409

GET
H/1.1 200
OK 96370725_MARIZPA-BRASILIA-25-11-2021-RENATA-ABREUPODEMOS-Entrevista-com-a-deputada-Renata-Abre.jpg
ogimg.infoglobo.com.br/in/25424088-cdd-cb9/FT1086A/ 45 KB
42 KB 918ms
229ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424088-cdd-cb9/FT1086A/96370725_MARIZPA-BRASILIA-25-11-2021-RENATA-ABREUPODEMOS-Entrevista-com-a-deputada-Renata-Abre.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

ced381d45a6b2894b8eb6e6752feff077fbf590fc3a6050878432704d37af565

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 20:04:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 20468
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 20:03:22 GMT
Server: Apache
ETag: "3112cd-b582-5d9ba791d2bc5-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1459

GET
H/1.1 200
OK 97960174_Brazils-President-Jair-Bolsonaro-puts-on-a-pink-tie-after-taking-of-his-blue-tie-durin.jpg
ogimg.infoglobo.com.br/in/25423720-073-d29/FT1086A/ 38 KB
37 KB 227ms
227ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25423720-073-d29/FT1086A/97960174_Brazils-President-Jair-Bolsonaro-puts-on-a-pink-tie-after-taking-of-his-blue-tie-durin.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

01a99228c113fb951194f3d514266b6333dda25ea9c1f9f581596696b2ad5a64

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 15:48:36 GMT
Content-Encoding: gzip
xkey: 25423720
Age: 35850
grace: none
X-Cache: HIT
X-Cache-Hits: 1712
Connection: Keep-Alive
X-HashTwo: 25423720
Content-Length: 37521
Last-Modified: Tue, 08 Mar 2022 15:48:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
ETag: "c50724f2e3f5fed647a0be1b1ec25f6a-gzip"
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: public,max-age=31536013
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 1646754508252

GET
H/1.1 200
OK 97912282_SAO-PAULOSP05032022DEPUTADO-ARTHUR-VAL-CHEGADA-AEROPORTOChegada-do-deputado-Arthur-1.jpg
ogimg.infoglobo.com.br/in/25422664-c57-643/FT1086A/ 51 KB
51 KB 225ms
224ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25422664-c57-643/FT1086A/97912282_SAO-PAULOSP05032022DEPUTADO-ARTHUR-VAL-CHEGADA-AEROPORTOChegada-do-deputado-Arthur-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b248aa9a1bfaca05cb9531d470ef4b5860f5c8edde13bfd6d8a41a85dcd3f5cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 20:01:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 107052
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Mon, 07 Mar 2022 19:59:44 GMT
Server: Apache
ETag: "402f0cb8-cb41-5d9a64e4af6a9-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 12057

GET
H/1.1 200
OK WhatsApp-Image-2021-10-15-at-21.32.23.jpeg.jpg
ogimg.infoglobo.com.br/in/25238946-acd-e24/FT1086A/ 37 KB
35 KB 228ms
227ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25238946-acd-e24/FT1086A/WhatsApp-Image-2021-10-15-at-21.32.23.jpeg.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

7ebfb0f244ddbf6556603bc32756dc43f6a7ab93c4f745e14a571b27ce299c50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 11:10:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 311757
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 35330
Last-Modified: Sat, 05 Mar 2022 11:10:02 GMT
Server: Apache
ETag: "7a29e-94b4-5d976ac3b6afe-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 35112

GET
H/1.1 200
OK xbolsonaro_e_filhos.jpg.pagespeed.ic.ngjbruse0f.jpg
ogimg.infoglobo.com.br/in/25423643-767-84a/FT1086A/ 71 KB
71 KB 234ms
234ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25423643-767-84a/FT1086A/xbolsonaro_e_filhos.jpg.pagespeed.ic.ngjbruse0f.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

b626a99d0244cd5956e5168a46a585f9b8041f755f6c167da6e41ccd2a5b6f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:44:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 76
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
X-Cache-Hits: 5
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 21:15:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=300,private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 08 Mar 2022 21:20:22 GMT

GET
H3 200 container.html Show response
f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEAD 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Mar 2022 01:46:04 GMT
expires: Thu, 09 Mar 2023 01:46:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 24ms
7ms Preflight 52.28.30.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.30.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-30-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 7ms
7ms XHR
application/json 52.28.30.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.30.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-30-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC34 624 B
297 B 25ms
22ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUszczwRpKYUTbtIgYFRj1B6aprU0VB_MXuKPfv-WUH1XENn5jyl_359jvSsRiEK39ZkVOCTnzgll_vYb294pmChxMrqikjikbx7w-gxaLBYwExMWeuDjJAReiFUfsgkbut5Yp5dbjebB11qmgwlcfSuimINZ001nfAgyRATAU7zpocARg

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 09 Mar 2022 01:46:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FEAD 77 KB
32 KB 91ms
89ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjPdUfgNIYjFewstnvmxE-MWaxGnreXBJoKEAguuvLpnOLoDv1-yORy6yigH_MYlAYqhjwQn5Wr2guJw7Y8CxBcssMcg&cry=1&dbm_d=AKAmf-CIyTuEF87_1xSrCfxSbMsu7VFvK4izUfykI5jNTvsTDyzTq9UNbEsAz6c0AKQnQqhWx8xdum9Je6vrXmkgSp_i7FjZ-C6eh_WsDUvW45dpQA7pY6BTCUqQ_KLGj-cSKOweTLsSKHuq0l_iaFW6XZYOYc_R58JyGSDkKugUGGvcFnV4TwB_o6VYbSNAYgpa-DcDg1l6YJQw13wkhLphD7hGUnQrV0rdbj9K_eEtHVY0_6RKMSh6j0Mfn9HKHa1i-Ve4ymdCnnBHDcox-GPb23054qnD3T5OoB9yaZdmcBMUXybD6n33qH8vW9Ccd89ee1jsbNpJIjoCYifa7PvVSuRIcGOKmxEcudROanrLWEh-lphOgzM2zI6y2ATI4NDP9YQ3SlgI3684iP_u8fJt7wruHd3QEjJYMyxoLrwCG5W4xZQaeHGcHZriAaVqN38yRszLga8ABCDA2ie_oLwU84cR0TwMNLx_t4DcjaNrEQhBx9iGZkeBmIvGJq4BjKH6xTFQfTZ-lCtrdMPoJ4UZmhmeKpM_HFCs5ZQCuZOy1fDzbREySt06-ombPplefpsA3wCplwnHS3q1TakS8Lo1r_cHpVcWoyJSMh6F0iPKEXRMdmVde174sjkeQmqMBm9Axr5RfQ3kzFELUh0ybGxaM8uzfgo15464RVDwtzzKj0HOuCC70-n4tp_971j2F4wBDUTiV0h-tVxe0vrnX1kNExbryrC2hkJbUe1kTLp8llJ731qouES51jNws3t_6nFBKfCl6qykIpwKuCneROe7yFKId3nGZzEHWPwZD_rvTMiRIPzNYb9vw8hSir87bl1MFg_6t7m5T9-QqjhhFgrOjeYjjORSuFeAlJuTCWipPlj3gSEdJKJcgC4wXMG_yK83gRHDGKZT1m9ftTCppaSTCf3-HpMkkpYGrY8QZlrXPi5HO-y-mrpdDI7i68aglM3MsXj1yhSlPpjO3MYb3DK452YxvDwcPcdip90qfK0bgC2pfc4BaVfnqxH0XM0KmzspXcJ_ttwLLTAtxk_WhA5GwPmE_qCiNzQ_OA-P9MmcCYQRc5VuuL27sgYUSrc7u81ImNy_KbbNlnLuzzNWZG3TWAzVlR_XBzhmDxPobNXDaBc3D7oN-tpgTlHaLNT_kQQqcGeTAJAzVaLJeqxrGcNo_rClmNjoIUfl94-59aYL5y-Q1IxQh9BVXN7kWlw-EeYR56h8wUM7pjHlxMLWIJryaZ6ibHHvn_qrbeiDMPpVznQMCeaAEHNthDH4ItWHOI4Ejfw2xlsKwwt_w6JwPTN8O1832nDwwCkxpXIqw7HjzLdkSPE8jYmYuehJ1KZ8Z1TW1BlZZjn487pW84cuaWXgRTSX7FUiu7e-mTlrul9qYDCGggdLerl8Lm46X_wB0zIpnNS8mxi2eMsH4EEc-PSa3gSjAB8FtsBRxC15LhjBJIogNiRuhRtE9JkIpuGcoLg3hUoX9k4w7dyPjJCx-QJb3KeEllLhjRjj7VxVwrwctRCb5-Ur-ix-4XUm6DY4djBE56Z3Jri8WWCgIFwG_L3qFAT96VPLjYHE8tfJhtSWXJryNsDPwC8If1YVVxAyrdMLCDFg9BRph3VVBkVdUmhEbD_AmJ9IGBTsT8CqhBX6P44qi8GirgKyAjICGDIM7lGqXMa9hebWdaxM5mgSWcXbRq2y2-aQhxTLM2WnyTByj971gYs0AoRC4OBs_DVoGuESsskrZ3nP736eiKH2ReFE3kJpclARuvsHlc_JXLID2DLucB9nst6A_X3ICfxoHKEhvJu-4DWOb3vl6uZPhJ1Up2FhiuCTJhdu1UO_UYHemfoBgmg3XFTCAVlKPfbSnZSmhJuQIMt65p7arvLdsv9LbGoRwpikf0IyfBADe-2f-0uJM2Evn5MW2Z_INd_e4MvHiL_WxERCpnGGNphP_GyPxOtUKP8eUDHaY31SSUXehox-OZ5lO_DCpRG-ljjvNQUODO2t0wopsJvkgOETVIrHyIJehX4WXLzo0ruQnQhGf___xiVFhtsionJNtA6Y7-IufklBdllePQcjlHZExfmd9fU9-7JFvEefMm9v5_WXX6dC6ShO4Pyrgwtq6EBY6peFXk9QbI0lhaapgPAAZIRS476kC9KJUiFN73YKzaIg52GmGHsy2rNkwbuXdbYWtMEWeUHjt8Aw9w6oWwJy7pj7f0jLGktCSCbsoQGYNe-eJk3IKAu2pDpZ-1BUqWb2qKZE7rkmwZFtZuJkihSjVM-2LJQ-0_Zdd-KhmqpEsBQviVyU9oYXGmZAiuusZxBEsK71a0vW90FTbXRqT5bz_msD5JaLFA1hGrzkhq3DiDfoUOk0pRGHFsOLoArngMp4OvwIUNrvHSPt7X-_4SpiXuIVo_El-CPUKEGPDr-tqSVlQNPqYVYlUyyx5QbJ5zplA9D4RYvNO2aMwjR02rAEx1riLik9E0PL6sLlQA-ieL5CjTaRAoCmTzIi92AOWXZcRJaE7bK95vgq7aGXBOHSP6rHLgYhxwI2v2oUhOQQm9Wt6dQ4g0CTFx2ghek2_HwWhMgvA3xdZYYRW2JAAD9fC7PD56e8vJDdyYrYF8c8UVdIvGAb6mdaXVt34PTkLmwNCbj7kCGm4V7uockDnZYHtxnmGYp0HBVvjJcnIHZqJeT-I3VDFpLPN-weZ2wHrKMHifMaHvfMA6sctqu0pwvbAdP7mHhj0m_YFbiunQCxdplEoRAXvtQWTlzdEzVla9H_j9utbUxF_92GzlfbGRU7uAOTBQLUxx10rVGdG01GW2PrzN3x-nO179y2y-PN66kUy2-X0XW7OFVN_37D_c57lKOoCdSv9Y-_5LHmgaXp6Ju2ysUBgHryp0q7w48QCbtD0jj80Yv41q3uFTCoQr-zJC7rfomdiFNoKGVPGIFj0ZHyGSXCCPtxvtDyuCCQv0HOt4mNqHXKkmLkShznxpa2IUifRPIIKENeqQlkJBLSs4zdtUTLfHVKv6AVSJEsPqBjApUNS6iq3Nwv6YMEKOY-QYfiV6B2-xka5_RedcYKNYWXSkDQ6GUiGCwug_q5nKo6y2GBFg2dWotwX5A70oJR5msiOrI8VoIRXnv7DegqcUptSIADwJ4zY--DWklxLtLPhNYtOGBdb_C3KLbSMrp7G6oBDTovO9WNNXQy6QdM-vset_ucGBP4JWgaFIG2Yo2gZkHVHuct7BcovVmwOF8qRoy0UygwVthVWdCIBoBTm-D_3A2_qLeMq0IjXvrqwLH169Pe1q3P2p3di8l26c6gMZkncR59etRsnHnslPYpLaVbnp23e8p9SnaLYm9Z3moPesbxzJWhhMEAe9A-8E6aF1savSCbW52__E9QbUuQV8ewxxayHJtrnkzSCzYt0RJH91vLKI0GbtKi1hPkhQXvcc2msqvLy-Kc2aqYgDlmaVVsL5SJOkYOOnG6SpZ7Z2YniVOr9QatkxvbwLOpZ32kPiI4OAQ3v-oqag&cid=CAASJeRo0y5W7P-Jk4Y2UxZ2LOOC7dMkztPnGTbJ7gM-KlQM2k1PtZA&rfl=1%2Chttps%253A%252F%252Fblogs.oglobo.globo.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fad5c95dd57ea0e7a1c9e48cfcd2fd22fb9eda92a725d93eaa2f3a5cd894570e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33163
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEAD 42 B
207 B 45ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BzEZue-B0HC_wG3cv6OSy2kiiwAcOxCBg3VTN73x5-4SkEDhqB0toQFuV45b2Dlk2Dp3oNgFaO4pWF9LHNOTJTj9cGUU1cPHJbCcn12r74qeyvr1M

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame FEAD 2 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:23:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEAD 124 KB
38 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame FEAD 15 KB
6 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:15:06 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1&C=1

43 B
1014 B

31ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUszczwRpKYUTbtIgYFRj1B6aprU0VB_MXuKPfv-WUH1XENn5jyl_359jvSsRiEK39ZkVOCTnzgll_vYb294pmChxMrqikjikbx7w-gxaLBYwExMWeuDjJAReiFUfsgkbut5Yp5dbjebB11qmgwlcfSuimINZ001nfAgyRATAU7zpocARg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Mar 2022 01:46:05 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 09 Mar 2022 01:46:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DC34
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YigG3aXQ9Ufp9jpYhTVi-wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1

43 B
894 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUszczwRpKYUTbtIgYFRj1B6aprU0VB_MXuKPfv-WUH1XENn5jyl_359jvSsRiEK39ZkVOCTnzgll_vYb294pmChxMrqikjikbx7w-gxaLBYwExMWeuDjJAReiFUfsgkbut5Yp5dbjebB11qmgwlcfSuimINZ001nfAgyRATAU7zpocARg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Mar 2022 01:46:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIazgJyP0KsrEypXQOYHxsU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DC34
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIxgKvjWN5C2wFqyxUVicMY&google_cver=1

43 B
1004 B

14ms
14ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIxgKvjWN5C2wFqyxUVicMY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYjYjFwwEwAQ&v=APEucNUszczwRpKYUTbtIgYFRj1B6aprU0VB_MXuKPfv-WUH1XENn5jyl_359jvSsRiEK39ZkVOCTnzgll_vYb294pmChxMrqikjikbx7w-gxaLBYwExMWeuDjJAReiFUfsgkbut5Yp5dbjebB11qmgwlcfSuimINZ001nfAgyRATAU7zpocARg

Protocol

HTTP/1.1

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:05 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 149297e0-7104-41d1-8bfd-a19ab3f165a8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIxgKvjWN5C2wFqyxUVicMY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC34
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyNDYyNjQ1MjMzOTQ2Mjk2NQ%3D%3D

170 B
189 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyNDYyNjQ1MjMzOTQ2Mjk2NQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:05 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7429c695-3beb-4910-a788-d7fcd4a029fe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyNDYyNjQ1MjMzOTQ2Mjk2NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame FEAD 106 KB
38 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
Origin: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 12:47:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/ Frame FEAD 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CjPdUfgNIYjFewstnvmxE-MWaxGnreXBJoKEAguuvLpnOLoDv1-yORy6yigH_MYlAYqhjwQn5Wr2guJw7Y8CxBcssMcg&cry=1&dbm_d=AKAmf-CIyTuEF87_1xSrCfxSbMsu7VFvK4izUfykI5jNTvsTDyzTq9UNbEsAz6c0AKQnQqhWx8xdum9Je6vrXmkgSp_i7FjZ-C6eh_WsDUvW45dpQA7pY6BTCUqQ_KLGj-cSKOweTLsSKHuq0l_iaFW6XZYOYc_R58JyGSDkKugUGGvcFnV4TwB_o6VYbSNAYgpa-DcDg1l6YJQw13wkhLphD7hGUnQrV0rdbj9K_eEtHVY0_6RKMSh6j0Mfn9HKHa1i-Ve4ymdCnnBHDcox-GPb23054qnD3T5OoB9yaZdmcBMUXybD6n33qH8vW9Ccd89ee1jsbNpJIjoCYifa7PvVSuRIcGOKmxEcudROanrLWEh-lphOgzM2zI6y2ATI4NDP9YQ3SlgI3684iP_u8fJt7wruHd3QEjJYMyxoLrwCG5W4xZQaeHGcHZriAaVqN38yRszLga8ABCDA2ie_oLwU84cR0TwMNLx_t4DcjaNrEQhBx9iGZkeBmIvGJq4BjKH6xTFQfTZ-lCtrdMPoJ4UZmhmeKpM_HFCs5ZQCuZOy1fDzbREySt06-ombPplefpsA3wCplwnHS3q1TakS8Lo1r_cHpVcWoyJSMh6F0iPKEXRMdmVde174sjkeQmqMBm9Axr5RfQ3kzFELUh0ybGxaM8uzfgo15464RVDwtzzKj0HOuCC70-n4tp_971j2F4wBDUTiV0h-tVxe0vrnX1kNExbryrC2hkJbUe1kTLp8llJ731qouES51jNws3t_6nFBKfCl6qykIpwKuCneROe7yFKId3nGZzEHWPwZD_rvTMiRIPzNYb9vw8hSir87bl1MFg_6t7m5T9-QqjhhFgrOjeYjjORSuFeAlJuTCWipPlj3gSEdJKJcgC4wXMG_yK83gRHDGKZT1m9ftTCppaSTCf3-HpMkkpYGrY8QZlrXPi5HO-y-mrpdDI7i68aglM3MsXj1yhSlPpjO3MYb3DK452YxvDwcPcdip90qfK0bgC2pfc4BaVfnqxH0XM0KmzspXcJ_ttwLLTAtxk_WhA5GwPmE_qCiNzQ_OA-P9MmcCYQRc5VuuL27sgYUSrc7u81ImNy_KbbNlnLuzzNWZG3TWAzVlR_XBzhmDxPobNXDaBc3D7oN-tpgTlHaLNT_kQQqcGeTAJAzVaLJeqxrGcNo_rClmNjoIUfl94-59aYL5y-Q1IxQh9BVXN7kWlw-EeYR56h8wUM7pjHlxMLWIJryaZ6ibHHvn_qrbeiDMPpVznQMCeaAEHNthDH4ItWHOI4Ejfw2xlsKwwt_w6JwPTN8O1832nDwwCkxpXIqw7HjzLdkSPE8jYmYuehJ1KZ8Z1TW1BlZZjn487pW84cuaWXgRTSX7FUiu7e-mTlrul9qYDCGggdLerl8Lm46X_wB0zIpnNS8mxi2eMsH4EEc-PSa3gSjAB8FtsBRxC15LhjBJIogNiRuhRtE9JkIpuGcoLg3hUoX9k4w7dyPjJCx-QJb3KeEllLhjRjj7VxVwrwctRCb5-Ur-ix-4XUm6DY4djBE56Z3Jri8WWCgIFwG_L3qFAT96VPLjYHE8tfJhtSWXJryNsDPwC8If1YVVxAyrdMLCDFg9BRph3VVBkVdUmhEbD_AmJ9IGBTsT8CqhBX6P44qi8GirgKyAjICGDIM7lGqXMa9hebWdaxM5mgSWcXbRq2y2-aQhxTLM2WnyTByj971gYs0AoRC4OBs_DVoGuESsskrZ3nP736eiKH2ReFE3kJpclARuvsHlc_JXLID2DLucB9nst6A_X3ICfxoHKEhvJu-4DWOb3vl6uZPhJ1Up2FhiuCTJhdu1UO_UYHemfoBgmg3XFTCAVlKPfbSnZSmhJuQIMt65p7arvLdsv9LbGoRwpikf0IyfBADe-2f-0uJM2Evn5MW2Z_INd_e4MvHiL_WxERCpnGGNphP_GyPxOtUKP8eUDHaY31SSUXehox-OZ5lO_DCpRG-ljjvNQUODO2t0wopsJvkgOETVIrHyIJehX4WXLzo0ruQnQhGf___xiVFhtsionJNtA6Y7-IufklBdllePQcjlHZExfmd9fU9-7JFvEefMm9v5_WXX6dC6ShO4Pyrgwtq6EBY6peFXk9QbI0lhaapgPAAZIRS476kC9KJUiFN73YKzaIg52GmGHsy2rNkwbuXdbYWtMEWeUHjt8Aw9w6oWwJy7pj7f0jLGktCSCbsoQGYNe-eJk3IKAu2pDpZ-1BUqWb2qKZE7rkmwZFtZuJkihSjVM-2LJQ-0_Zdd-KhmqpEsBQviVyU9oYXGmZAiuusZxBEsK71a0vW90FTbXRqT5bz_msD5JaLFA1hGrzkhq3DiDfoUOk0pRGHFsOLoArngMp4OvwIUNrvHSPt7X-_4SpiXuIVo_El-CPUKEGPDr-tqSVlQNPqYVYlUyyx5QbJ5zplA9D4RYvNO2aMwjR02rAEx1riLik9E0PL6sLlQA-ieL5CjTaRAoCmTzIi92AOWXZcRJaE7bK95vgq7aGXBOHSP6rHLgYhxwI2v2oUhOQQm9Wt6dQ4g0CTFx2ghek2_HwWhMgvA3xdZYYRW2JAAD9fC7PD56e8vJDdyYrYF8c8UVdIvGAb6mdaXVt34PTkLmwNCbj7kCGm4V7uockDnZYHtxnmGYp0HBVvjJcnIHZqJeT-I3VDFpLPN-weZ2wHrKMHifMaHvfMA6sctqu0pwvbAdP7mHhj0m_YFbiunQCxdplEoRAXvtQWTlzdEzVla9H_j9utbUxF_92GzlfbGRU7uAOTBQLUxx10rVGdG01GW2PrzN3x-nO179y2y-PN66kUy2-X0XW7OFVN_37D_c57lKOoCdSv9Y-_5LHmgaXp6Ju2ysUBgHryp0q7w48QCbtD0jj80Yv41q3uFTCoQr-zJC7rfomdiFNoKGVPGIFj0ZHyGSXCCPtxvtDyuCCQv0HOt4mNqHXKkmLkShznxpa2IUifRPIIKENeqQlkJBLSs4zdtUTLfHVKv6AVSJEsPqBjApUNS6iq3Nwv6YMEKOY-QYfiV6B2-xka5_RedcYKNYWXSkDQ6GUiGCwug_q5nKo6y2GBFg2dWotwX5A70oJR5msiOrI8VoIRXnv7DegqcUptSIADwJ4zY--DWklxLtLPhNYtOGBdb_C3KLbSMrp7G6oBDTovO9WNNXQy6QdM-vset_ucGBP4JWgaFIG2Yo2gZkHVHuct7BcovVmwOF8qRoy0UygwVthVWdCIBoBTm-D_3A2_qLeMq0IjXvrqwLH169Pe1q3P2p3di8l26c6gMZkncR59etRsnHnslPYpLaVbnp23e8p9SnaLYm9Z3moPesbxzJWhhMEAe9A-8E6aF1savSCbW52__E9QbUuQV8ewxxayHJtrnkzSCzYt0RJH91vLKI0GbtKi1hPkhQXvcc2msqvLy-Kc2aqYgDlmaVVsL5SJOkYOOnG6SpZ7Z2YniVOr9QatkxvbwLOpZ32kPiI4OAQ3v-oqag&cid=CAASJeRo0y5W7P-Jk4Y2UxZ2LOOC7dMkztPnGTbJ7gM-KlQM2k1PtZA&rfl=1%2Chttps%253A%252F%252Fblogs.oglobo.globo.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:33:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/ Frame FEAD 25 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 699
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:34:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FEAD 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121081
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 16:08:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4A3F 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 08 Mar 2022 13:26:12 GMT
expires: Wed, 09 Mar 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 44393
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FEAD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44105237af4290fe02cfb5fb954041cb21d0eeedb348f32d29e5f3ec66d35f96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1A59 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 16:08:05 GMT
expires: Tue, 07 Mar 2023 16:08:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 121080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4A3F
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFzcRHWo-i6e5plIRaqgJj4&google_cver=1&google_push=AYg5qPLcuTvi6uJrp-dUWzaqpolx_QU823Jij1G0f4o0Q-Ff9DBmtspKHvhwRj_imUYn7Rw6QWNA0LFr0U_TpMJmJQ63uvHqmUicmQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjczMDg1NDEzOTYyMTc5NDA2Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzcRHWo-i6e5plIRaqgJj4&google_cver=1

43 B
398 B

54ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzcRHWo-i6e5plIRaqgJj4&google_cver=1
Requested by: Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFzcRHWo-i6e5plIRaqgJj4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A3F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBEUaEvJJnQnerwnknjYfcs&google_cver=1&google_push=AYg5qPJ8BICiFOEl6dUEW0_LzJzYZjVVat49Ykt8B7YYfBw0ipxWW5Ql05OCmk3kbfBRpPW4MhYfLtjn4Uu7h2qb...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ8BICiFOEl6dUEW0_LzJzYZjVVat49Ykt8B7YYfBw0ipxWW5Ql05OCmk3kbfBRpPW4MhYfLtjn4Uu7h2qbIgiYRGjEoDkTSQ

170 B
189 B

17ms
16ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ8BICiFOEl6dUEW0_LzJzYZjVVat49Ykt8B7YYfBw0ipxWW5Ql05OCmk3kbfBRpPW4MhYfLtjn4Uu7h2qbIgiYRGjEoDkTSQ

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: MT3 4245 b916d47 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ8BICiFOEl6dUEW0_LzJzYZjVVat49Ykt8B7YYfBw0ipxWW5Ql05OCmk3kbfBRpPW4MhYfLtjn4Uu7h2qbIgiYRGjEoDkTSQ
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Mar 2022 01:46:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A3F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEIc-PNY68xYtFbFl-c7cz38&google_cver=1&google_push=AYg5qPJIiDxtSK6XxB5hy1mP03zZaIrPblIvpwvmuMHbRdX2rQDkY4hFyh4bIWGULN4ZhekAt483xAn9a06VQmVGGdIA0xSSLksQsw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84D48D36C31D4139A6D81F4266D35C01&google_push=AYg5qPJIiDxtSK6XxB5hy1mP03zZaIrPblIvpwvmuMHbRdX2rQDkY4hFyh4bIWGULN4ZhekAt483xAn9a06VQmV...

170 B
189 B

25ms
24ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84D48D36C31D4139A6D81F4266D35C01&google_push=AYg5qPJIiDxtSK6XxB5hy1mP03zZaIrPblIvpwvmuMHbRdX2rQDkY4hFyh4bIWGULN4ZhekAt483xAn9a06VQmVGGdIA0xSSLksQsw

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=84D48D36C31D4139A6D81F4266D35C01&google_push=AYg5qPJIiDxtSK6XxB5hy1mP03zZaIrPblIvpwvmuMHbRdX2rQDkY4hFyh4bIWGULN4ZhekAt483xAn9a06VQmVGGdIA0xSSLksQsw
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 08 Mar 2022 01:46:05 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4A3F 0
173 B 45ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIDJejLwWqcLcTUKf5UoRjc&google_cver=1&google_push=AYg5qPJMjs0PuxpADWScXg_0p-HJ2Q7S1BziBFMuerlkY3283tC5G53MDkrg5qHGSE2SDd9LF7be7LI3Jvm8SRBRX42JeLtmpcmzFw
Requested by: Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A3F
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPWjNdkghN0yn4nDeCemfV8&google_cver=1&google_push=AYg5qPLlm8F-UaWE1B98daAWx54vh6bvw4toImbhumvJOANALK5dSBopf8F4Bd6n_ltC0lOalZpKPAIrUsbk946bkgnm4Ri...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLlm8F-UaWE1B98daAWx54vh6bvw4toImbhumvJOANALK5dSBopf8F4Bd6n_ltC0lOalZpKPAIrUsbk946bkgnm4RipkaNCMA&google_hm=NTg2MTUyMDUxNzgyNzQz...

170 B
189 B

20ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLlm8F-UaWE1B98daAWx54vh6bvw4toImbhumvJOANALK5dSBopf8F4Bd6n_ltC0lOalZpKPAIrUsbk946bkgnm4RipkaNCMA&google_hm=NTg2MTUyMDUxNzgyNzQzNjIy

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 01:46:05 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLlm8F-UaWE1B98daAWx54vh6bvw4toImbhumvJOANALK5dSBopf8F4Bd6n_ltC0lOalZpKPAIrUsbk946bkgnm4RipkaNCMA&google_hm=NTg2MTUyMDUxNzgyNzQzNjIy
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A3F
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPr9jEzQ_CLyvhqmuU50mo0&google_cver=1&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPy...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPr9jEzQ_CLyvhqmuU50mo0&google_cver=1&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKm...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5MzA5NzAwMDkwMDE4NTk2&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPy...

170 B
189 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5MzA5NzAwMDkwMDE4NTk2&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPySuk0IqTl_TQfTuE4R19U5Q

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc5MzA5NzAwMDkwMDE4NTk2&google_push=AYg5qPJMgn5bKDWJ_RXfnXxJZiVqbs0JTlY0j-gL-BsyIojpbGoBwp5uUo25JuJeD6ncgR1MtKmDNFPySuk0IqTl_TQfTuE4R19U5Q
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A3F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
https://sync.targeting.unrulymedia.com/csync/RX-f7dcba78-2e7b-470d-8d05-897c90d1cbd5-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLBGTbuX-WVdfDDoYSIc...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLBGTbuX-WVdfDDoYSIc5Qo9IOJM3x_loZGgmJ4yTbFZaTWV5FxCubdWI8yYdWt0GNq-Tk8vEqdZ909qGx0GsnNeb5Jcwhfow&google_hm=A_fcungue0cNjQWJfJDRy9U

170 B
189 B

18ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLBGTbuX-WVdfDDoYSIc5Qo9IOJM3x_loZGgmJ4yTbFZaTWV5FxCubdWI8yYdWt0GNq-Tk8vEqdZ909qGx0GsnNeb5Jcwhfow&google_hm=A_fcungue0cNjQWJfJDRy9U

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLBGTbuX-WVdfDDoYSIc5Qo9IOJM3x_loZGgmJ4yTbFZaTWV5FxCubdWI8yYdWt0GNq-Tk8vEqdZ909qGx0GsnNeb5Jcwhfow&google_hm=A_fcungue0cNjQWJfJDRy9U
date: Wed, 09 Mar 2022 01:46:05 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXf7dcba782e7b470d8d05897c90d1cbd5003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4A3F 0
12 B 18ms
17ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K93-y6GJs1NE3eGM0kIy74XJZliLchi4Q6CY4ksAO8T7xU2LWdxhfLT1YvF-kFFGpqXPwF

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 4 KB
2 KB 27ms
7ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7e7c9a58c561d93f29fab3943724cefdd1bb12a6183e2b449a56236f8cc783b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1568
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 09:51:30 GMT
expires: Sat, 04 Mar 2023 09:51:30 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
content-type: text/html
age: 402875
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FEAD 0
571 B 50ms
25ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB_wR8RqEkWA4JWU-EbpzsV9nvetFxl5kHhDVSLv1SPI-Kowc6HiTXdAk_ASIyfkSd8C-_gEusm2tJ8lx_FQ6qVw7cEmCF1j7ivJNxFggSVEpD3qubKwlCgjmdoTdKVySB9tw95lR2DsPF4CiC9bUtc7ZTCJone37rXwy7wIILkal-iTQrwhReOKvevUIHa6Xy0wEMGPv_CMkVMslJYsW--d2dwzL4zsPUpaeqp-5RQ5QAuJZsR9FETkLk4eRjhKI1XWs2DuFEIBhgu2E68FaH0VLhKVpwFi4hZU_SE4hBvuWMoRXNQBqWsoPN10hhUQOjf-PWL_alF7peUyIYeY6VPTY-3U0gPVUTOrlhZz_z328JjDBSEHsvcMuKvxQoLGW2uOlyown3cYdX7Ps7BOPBZhfV6356Zmj_bOJgbFA5no80q2s4vJHVElC_CZGsbxQVBc9cQ93nel4JbsWxJRIZLfWHHqeyiIYpyFdX5DGQiIjINE-suo7e9Vgw0SL_wLm9sW5w0HCGTIx4uMc-NJjy5N8i_7Z5EMOYzSxKK1BNZv5h2AnJ2zKn6Onlxr9ZcCJzClPiOF2ymqj46D70rZoKvFAh7kAk1PhftIRu9WIGVOorrCPjlzRj-Mk0zzL0DILxY3HVnMecyg_6cAKtAcoIS59ll3PXbnQEE-svXpOqXB6TEyxNHWNWvuY9iQK99PVYt62EFc9MTPOUj7baJoLIdmp-FnRcOkYuSM8IDgZ6j8QDy3OgKozXLSrRq2Oa0CCcfoVcU3VbpFWkNLmDAflKtCtLyGvEC8regkwnxEz2jjX14-U8cOEpuCSjYLW7dkz454As0JbtFlFTUsbi1XxJybOARdqE6eyBBIsd9PVAHFYFwMx8cLrQyd1by7P1aUhWk1Tt2Ko371b2abT1CJdljSqMgc_AE5XMH8LOJMdl0GQsH42g0Q5RE7myCOofCFAlU3UZxF3pO3w5gN55Z3t5_sD39mAbarQ1K_wtMp5zQy31ShIhgD4PvuAhfBIOgM3OHSK6RLrub-rpXcJA4jajJIVrGtYrSBHyz8-wdOjPvSsMWfuGf_5GKIQcZ3JB6tDwgcF1KuBsqNeoEgjC8-0ASZ43bwNifJ0QqbEtZ8VRQjH8r-7Vuibt4ecKA1ZH5mg9jCWc7t4JoSgDB46IHZTJNRijZjJdfSpPc2wmimFUsBOvB3mRBiIEeNgMQtuzdi7Cz8XvBPCKNFz_urUp-WllQMAcMoCTmsL4ifbSVnmeZPyw-WcTrprGMFsVlKXZzOjp2i6ttIG0wA5ElRtFp_vuVrz9U-dh8PXmIdtEUSM&sai=AMfl-YQIvi-IRgDKd3jzleJvMe5mJgCs7qIQD5jlYtpipn3dS3iilUBIb64tL0Svv4BiIIJ1bcgazsv2-aUgQkBrxkLZCFiy-h2HZyZEmmEjHEfq4sAJdGwVi_m-sxE9qtXAoTZb0_R8nD2NZaxm73PfojKTkS657swna5cjgCDBRHRMSpYbuiqiv1wKFzbnGOfA2x5Bh9FRV2hZ9A3o7gFKOXXg&sig=Cg0ArKJSzIbTbSk-6uFEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=64&cbvp=1&cstd=62&cisv=r20220303.36765&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 09 Mar 2022 01:46:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame FEAD
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202202_es_ukraine___330033534&atb_dpuid=di_&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

8ms
7ms

Image
image/gif

52.58.32.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.58.32.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-32-98.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Last-Modified: Wed, 09 Mar 2022 01:46:05 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame FA37 928 B
500 B 24ms
23ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=undefined&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BF1FA4E53177074249149232112&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:05 GMT
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646790366.645230,VS0,VE17
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame DAA8 1 KB
1 KB 18ms
17ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3401

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=31589837&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1646790357402.2!ts:1646790365638&mntl=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-length: 0
server: nginx

GET
H2 200 st Show response
imprammp.taboola.com/ Frame F72A 1 KB
599 B 21ms
21ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=undefined&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E5B12C4AD3787592422095052929&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:05 GMT
via: 1.1 varnish
x-served-by: cache-hhn4078-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646790366.664446,VS0,VE15
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FBE1 928 B
1022 B 18ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8d7ce7d41f3939e38ce2b582b79dfe76ef3143ae9bf2870c5d4a530f037b148b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:05 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=31589837&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1646790357402.2!ts:1646790365660&mntl=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-length: 0
server: nginx

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 1 KB
520 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd9bdfb4786776e0be67aeb0f1bd07f2c8164d05c859888ea58aa5130afb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 491
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DC93 109 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 01:46:05 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 8 KB
2 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69441dcfb941a2e5b4ad898b22589d40edf42108aca20e07799d4ec0668536eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2182
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A59 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 6FF6 23 B
498 B 47ms
47ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=n8YbrV6RMfMr8&cb=0&ws=970x250&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: X1KRQQ2TM4CAK69M78NN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: UddRbJnZl33DxRB5BMbP7v7NHZ2NeN2bycNYnDYKcNJH3Mayfz3T7g==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DAA8 70 B
265 B 101ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame DAA8 43 B
183 B 280ms
93ms Image
image/gif 2600:1f18:612b:4200:fed4:35ed:3821:843c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:fed4:35ed:3821:843c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame DAA8
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

0
98 B

14ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13155

Redirect headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 102
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame DAA8 43 B
235 B 335ms
109ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FA37 70 B
264 B 98ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=undefined&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BF1FA4E53177074249149232112&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame FA37 43 B
182 B 276ms
94ms Image
image/gif 2600:1f18:612b:4200:fed4:35ed:3821:843c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=undefined&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BF1FA4E53177074249149232112&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:fed4:35ed:3821:843c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame FA37
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

0
98 B

15ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=undefined&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BF1FA4E53177074249149232112&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13155

Redirect headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 12
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame FA37 43 B
235 B 334ms
104ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=undefined&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BF1FA4E53177074249149232112&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame FA37
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A

0
98 B

15ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&cmcv=&pix=undefined&cb=1646790365638&uv=3137&tms=1646790365638&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vE!ul106720-016r_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BF1FA4E53177074249149232112&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13190

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A
date: Wed, 09 Mar 2022 01:46:05 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FBE1 70 B
264 B 85ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame FBE1 43 B
182 B 263ms
93ms Image
image/gif 2600:1f18:612b:4200:fed4:35ed:3821:843c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:fed4:35ed:3821:843c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame FBE1
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

0
98 B

15ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13155

Redirect headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 6
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame FBE1 43 B
235 B 320ms
104ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame FBE1
Redirect Chain

https://ups.analytics.yahoo.com/ups/58534/occ
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A

0
98 B

15ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13190

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-_R2XdUFE2uFmp7MLytTHE1fjAl5SJWpuQhaTigo-~A
date: Wed, 09 Mar 2022 01:46:05 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame F72A 43 B
182 B 263ms
93ms Image
image/gif 2600:1f18:612b:4200:fed4:35ed:3821:843c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=undefined&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E5B12C4AD3787592422095052929&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:fed4:35ed:3821:843c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame F72A 70 B
264 B 84ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=undefined&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E5B12C4AD3787592422095052929&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F72A
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&

0
98 B

15ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=undefined&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E5B12C4AD3787592422095052929&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

Redirect headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=af37c808-9f4a-11ec-8eeb-1d03a5b20106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 49
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame F72A 43 B
235 B 353ms
128ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=undefined&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E5B12C4AD3787592422095052929&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 30 KB
30 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/bg1.jpg

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6317cb9eae37b490a553e682b2d8fac09e3866a149c0acb3b90b26d2b1a908ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31197
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 b1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 454 B
481 B 7ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/b1.png

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b5db3bb38bd76da9e83a688bdcc8001ea36d2d9721b598c01e8e1c3a5325e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 454
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 13 KB
13 KB 12ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h1.png

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00215534b8bfbee85755fa9aa4a9b6991284de6c25528d09fa2bb7298a2b0519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13570
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 11 KB
11 KB 13ms
11ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h2.png

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1bdf6f2f0ae6db22067d27ff6560f2720ea2cddcbe953d4e317d2e7e8b17328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11140
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 2 KB
2 KB 11ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/h3.png

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d257e529cf82beeb2dce7c62b7f7deb6747384677d1f4b5ff6e7c7936278e717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2211
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 1 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/cta.png

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33ac7c2a73fd64b2ea828e6a46e26d79a25439d11db5cf50b532af5697ff85d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/ Frame DC93 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/logo.png

Requested by

Host: f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com
URL: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c6676f4aae666c5dd775495b931dbcee43f6c3b09f2fb7cf07b108a445d4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10976660596384734745/unicef_ukraine_spende_300x250_dcm/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:51:30 GMT
x-content-type-options: nosniff
age: 402875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 09:44:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 04 Mar 2023 09:51:30 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame FEAD 0
23 B 34ms
19ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuB_wR8RqEkWA4JWU-EbpzsV9nvetFxl5kHhDVSLv1SPI-Kowc6HiTXdAk_ASIyfkSd8C-_gEusm2tJ8lx_FQ6qVw7cEmCF1j7ivJNxFggSVEpD3qubKwlCgjmdoTdKVySB9tw95lR2DsPF4CiC9bUtc7ZTCJone37rXwy7wIILkal-iTQrwhReOKvevUIHa6Xy0wEMGPv_CMkVMslJYsW--d2dwzL4zsPUpaeqp-5RQ5QAuJZsR9FETkLk4eRjhKI1XWs2DuFEIBhgu2E68FaH0VLhKVpwFi4hZU_SE4hBvuWMoRXNQBqWsoPN10hhUQOjf-PWL_alF7peUyIYeY6VPTY-3U0gPVUTOrlhZz_z328JjDBSEHsvcMuKvxQoLGW2uOlyown3cYdX7Ps7BOPBZhfV6356Zmj_bOJgbFA5no80q2s4vJHVElC_CZGsbxQVBc9cQ93nel4JbsWxJRIZLfWHHqeyiIYpyFdX5DGQiIjINE-suo7e9Vgw0SL_wLm9sW5w0HCGTIx4uMc-NJjy5N8i_7Z5EMOYzSxKK1BNZv5h2AnJ2zKn6Onlxr9ZcCJzClPiOF2ymqj46D70rZoKvFAh7kAk1PhftIRu9WIGVOorrCPjlzRj-Mk0zzL0DILxY3HVnMecyg_6cAKtAcoIS59ll3PXbnQEE-svXpOqXB6TEyxNHWNWvuY9iQK99PVYt62EFc9MTPOUj7baJoLIdmp-FnRcOkYuSM8IDgZ6j8QDy3OgKozXLSrRq2Oa0CCcfoVcU3VbpFWkNLmDAflKtCtLyGvEC8regkwnxEz2jjX14-U8cOEpuCSjYLW7dkz454As0JbtFlFTUsbi1XxJybOARdqE6eyBBIsd9PVAHFYFwMx8cLrQyd1by7P1aUhWk1Tt2Ko371b2abT1CJdljSqMgc_AE5XMH8LOJMdl0GQsH42g0Q5RE7myCOofCFAlU3UZxF3pO3w5gN55Z3t5_sD39mAbarQ1K_wtMp5zQy31ShIhgD4PvuAhfBIOgM3OHSK6RLrub-rpXcJA4jajJIVrGtYrSBHyz8-wdOjPvSsMWfuGf_5GKIQcZ3JB6tDwgcF1KuBsqNeoEgjC8-0ASZ43bwNifJ0QqbEtZ8VRQjH8r-7Vuibt4ecKA1ZH5mg9jCWc7t4JoSgDB46IHZTJNRijZjJdfSpPc2wmimFUsBOvB3mRBiIEeNgMQtuzdi7Cz8XvBPCKNFz_urUp-WllQMAcMoCTmsL4ifbSVnmeZPyw-WcTrprGMFsVlKXZzOjp2i6ttIG0wA5ElRtFp_vuVrz9U-dh8PXmIdtEUSM&sai=AMfl-YQIvi-IRgDKd3jzleJvMe5mJgCs7qIQD5jlYtpipn3dS3iilUBIb64tL0Svv4BiIIJ1bcgazsv2-aUgQkBrxkLZCFiy-h2HZyZEmmEjHEfq4sAJdGwVi_m-sxE9qtXAoTZb0_R8nD2NZaxm73PfojKTkS657swna5cjgCDBRHRMSpYbuiqiv1wKFzbnGOfA2x5Bh9FRV2hZ9A3o7gFKOXXg&sig=Cg0ArKJSzIbTbSk-6uFEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&vt=11&dtpt=119&dett=3&cstd=62&cisv=r20220303.36765&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6FF6 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6FF6 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6FF6 22 KB
9 KB 180ms
179ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4213584432881159&correlator=792905522465415&eid=31064151%2C31065570&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.970x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_75ea1d9b7dae92%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fr%3Dtrue%26id%3Daea3f6ba-9f4a-11ec-8ba9-0a55872b6571%26vw%3D40%252C50%252C60%26grm%3D40%26vw05%3D40%252C50%26vw10%3D40%26vw15%3D40%26ias-kw%3DIAS_8423_KW%252CIAS_8430_KW%26pwtsid%3D75ea1d9b7dae92%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4984%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&cookie=ID%3Db7fd25f58653e3a1%3AT%3D1646790363%3AS%3DALNI_MbCSbspQ_GfjZ5sq8O2JV8HTGF06w&cdm=blogs.oglobo.globo.com&abxe=1&dt=1646790365767&lmt=1646790365&dlt=1646790364244&idt=93&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=6105&ucis=k3ve1vnjhh4x&adks=2487537034&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&top=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=23&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=564303274.1646790363&ga_sid=1646790366&ga_hid=1325353758&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26b5865b80cb0047981a26665df39b27edbea6b94cc6b36682e806da1145288e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9489
x-xss-protection: 0
google-lineitem-id: 5770955185
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360694999
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6FF6 13 KB
10 KB 38ms
21ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58a559e2a201e02c268c481145bdf1a704a7cf0ede95156f29b25af4709738fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10486
x-xss-protection: 0

GET
H2 200 container.html Show response
337c59341587dbed9ae4e319ddd6280f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EED 6 KB
3 KB 30ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://337c59341587dbed9ae4e319ddd6280f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 01:46:05 GMT
expires: Thu, 09 Mar 2023 01:46:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 9F88 23 B
497 B 46ms
46ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=BI25ZgQSbPg3x&cb=0&ws=728x90&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: ZQBAG4Z8X0XG02PJ8VX1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pcCE65wWXltvSj1S3L21O5UNu6lDHy95TQ7BeblJqZRg6e-bHW0WdQ==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FF6 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:05 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5C97
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

27ms
9ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9F88 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F88 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F88 22 KB
9 KB 112ms
111ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2709920577011970&correlator=1606134530049411&eid=31064150%2C31065294%2C31065486%2C31061690&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.728x90.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_72de41aa8b773d%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26fr%3Dtrue%26id%3Daea41dc6-9f4a-11ec-9533-02c49424d9cb%26vw%3D40%252C50%252C60%26grm%3D40%26vw05%3D40%26vw15%3D40%26ias-kw%3DIAS_8423_KW%252CIAS_8430_KW%26pwtsid%3D72de41aa8b773d%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4984%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dtrue&eri=1&cookie=ID%3Db7fd25f58653e3a1%3AT%3D1646790363%3AS%3DALNI_MbCSbspQ_GfjZ5sq8O2JV8HTGF06w&cdm=blogs.oglobo.globo.com&abxe=1&dt=1646790365845&lmt=1646790365&dlt=1646790364321&idt=82&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=133&ucis=jn0k858q5dzv&adks=436941508&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&top=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=564303274.1646790363&ga_sid=1646790366&ga_hid=1624095469&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7845898a5486e1daba18866ba4ba061cd88c5b83b47a4457f21fb7ddaa204b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9498
x-xss-protection: 0
google-lineitem-id: 5770953283
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360277874
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9F88 14 KB
10 KB 21ms
20ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50f3c1f3c2b9e6ba18b7f7133445a738fb8668c011aa777c8f9a9d20a9c76d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10518
x-xss-protection: 0

GET
H2 200 container.html Show response
bd79c365fbab6be0d719c68cbfd4deaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7EA8 6 KB
3 KB 31ms
14ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bd79c365fbab6be0d719c68cbfd4deaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 01:46:05 GMT
expires: Thu, 09 Mar 2023 01:46:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E01B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

7ms
7ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7SpwCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHHMWaMCYb0oLE2Q13q-VkNJkMlqvBarKcLIewUawJY7IhLUic3XC3Wk5Gi8VuNlmMJovlFCKM5TIZ1AIJy-z3HQQNn8sNgbRoOh0-171eYvb7PHe9z-y3-O06s9_it2v8br_aYXa9dQ7P4WH5C_6e01_pedk9Dr9b5HKLHpanzeEWPCwPt8LzcItcZtPDLfM73YKXyWnyu0Uut8Lt9PndIpdb4jd7_naH5W8Xmt5m_-r09nf-rsvH5Z67fJ-zy3R6WW6q09vfdpmcrrd75XY4zTbV6e3vONyGh9Nnd89dvs_pYTm57AAAAADwAFD1tADxAwgAEAEAAAAgAQAAAEARUPFvIXABAAAAgAGAkBiuAQDFoXAPu89lOTvsJn8AADwogAAACGCQABTwnpYAfJzNnAAAAAAAAAAAsPz____HDNDrLcgAiLzn9AA8-AA8EBWMFjECAAAAyAa6_Dia1AmVRRUAAEG6FcAVAEDAH5sWdGEYAADAwNgCPSx-v9lh1_jdLgMAAAAAAAAAMPs_-0cTshq9TgPav1ZQ-wUEAFj7BQQAYFM3AIA3AbigI2jFYLA6hdgNZ4PdZDCczQ4AAADg7v___18PJGaDiWticjgXu5lnMttYbBaTw7dbjSYe58K5m3hPo0ZfVDtLoatvQlhmv-8gaPhcBvFBw7CcDIL5TdhitJpMNsvhbLmYDIaj4Wi0P4FcDnAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNEcZWm8FmtzGsRRabaS0aOZZr4ca3Wss8k5nHNnMYRh7bWvT6mJ6TxXDj2nhRMKBtL4KLdKIyOU1_y8Nn9lv8br3P7Lf4LWKJ5mSRTmSXfWM2mLgmJodzsZt5JrONxWYxOXy71WjicS6cu4m_ttoMNruNYS2y2Exr0cixXAs3vtVa5pnMPLaZwzDy2Nai18f0nCyGG9fG35iNZrvlYDMb7Ruz0Wy3HGxmo32HzvBdfc5G2fac8uhsk20tpoyZDwqXweL9SUyLaXd2UP1-R6fQMF0WdUbjz3v0GhSeg0e1-FvDws5hWZ1tywrHwaCIJYLTRToRvYyni1gieVqkE-FkuNp4jBuPazlaLQariWdmswyWm5HJM1q4NhaLWKI0XaQTvdphdr11Ds_hYfkL_p7TX-l52T0Ov1vkcoselqfN4RY8LA-3wvNwi1xm08Mt8zvdgpfJafK7RS63wu30-d0il1viN3v-doflbxea3maL-o8NstjNZaO5YrWYaxarBAAAAAAAAACwhDnzJgAAAACnwexWy91quQASf5a6wCAAAAAAAAC7mPHWapskgSzFjR9PlMlp-lsePrPf4nfrfWa_xW9lAAk3UebNnglirVbLGgAAQAAbAAAggFs3bwEqkhw!&cmcv=&pix=undefined&cb=1646790365660&uv=3137&tms=1646790365660&abt=adh5c-1_vA!id5mc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!pblc_vE!spa2_vB!t45!ufm_vC!ul106720-016r_vA&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E5B12C4AD3787592422095052929&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 09 Mar 2022 01:46:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F88 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv74vR1tfmNhQFZN9T9qouOWkEHca4jyJCU-NbKjvrCriq7sCnBEhTt0Wzxeq0hvckRC7m3xzdeVlri1ZHMSVWo4hthtxudiyiKgMiojj4qy13vuGRm&sig=Cg0ArKJSzNK1bOH16xqmEAE&id=lidar2&mcvt=1004&p=338,436,428,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220307&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3847855073&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646790364320&rpt=527&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AF2 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 23:07:55 GMT
expires: Wed, 08 Mar 2023 23:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1978 783 B
536 B 19ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e17c9b824e327cd707b08a05fcd6caedccd725ec2f215e8e5f53778a697fc090

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wwVoCvix9jbm4nc4706TYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 01:46:05 GMT
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-wwVoCvix9jbm4nc4706TYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F88 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:05 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5C97 32 KB
10 KB 8ms
8ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36002
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Wed, 09 Mar 2022 11:46:07 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E01B 32 KB
10 KB 9ms
8ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=36002
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Wed, 09 Mar 2022 11:46:07 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5C97 0
239 B 28ms
6ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=L0IWGP0F-M-IZAT
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A59 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMUXm3QYoYq73HsaPrATEno-IBQAAAAA4AeAEAg&bg=!ZGelZyPNAAb7UztL-1M7ACkAdvg8WnasNUHf9XAd9PaH4Qy1dOu-Q77P46XtNP4DEg4mU-7xypPmsAIAAAC5UgAAAAJoAQcKAEVp2k4yPuEhFSfjjbBCspBE-WWhxgh9c8QZu26-zlCakQeh9Ok_O--yo702NgN8kGGiwTeOH9yCjWpRaHP7IpFbOdZT2JuZAzOF6uKJH1QB4-0RK7KJoTtib3eeiXbFhLAkxYeEhQOT_WfMjr_-yauDCan5Xa1dnwvsKV_tY1GNTFE_LjmyUL7dd-NPOQqFXjVjWxT_47FknaMpIRowT01U5XBT1O1qcojTDU4XsS9clrDwTS-g5aN9eblmGM6p2sXEmNzvkTYKkQNBj0kc93n8AoQEza5rEqLtPNR65vc6s9kBmSLWeQSjP7DQ1y8nVpg3cT5O09e3ceU899quVrc5nCzWtdvjPUMa4IgjD8JlSV6xkgyPO1v_N1-J_B6Pm65oOdBEp3piJuTxaZWxCoFuYhQJ1RK1JWP3crEGmj0fMvMzr30yr2p66QxhjZ2IkbOziJEbdFoDO-A7CsHt04AESQPP0wToPyZm6ONJNk9PB70F5W29u2-fetU5_4dZf_szBUN8HsatUkVpgFfRRhcNijoK-TVh80SByk3NvfFf0tg8TIO_8wZfdZ88V4mfbAkZZzXWqdb1w9xzkM3WPuZxc6MldaFFM9sdYY3y55uqgqk3t_AoSqi4GnFuWkmaOvhq-G-zXkQ8CSq91uwzNC_rPGNyVPXV1UdsUmu1nvzgDB_XI_4B_LuUkuq-mEF_YRyf4S_Z6X1hFzESbMAGfBTanl6UkOvcM-NCPmsyov0DRp7miefcdSJcgSU__YOX9PSdb5dXJKuSNI7jaazYu2S_08AUowGfXVnv4BSNkiR5UZ9UATPsqmaDR92jHhyqFZTiBOXECoMLuzj4ar7K0ndkvy09dC2eNOOpKpSXhkKiqmH4k5NWJ3koVD-uwuukZ99DXA-DrhbhrarqeFSz-WBMLy-QUP5FMzAmbUgtbSN4bmFaAdNS8fpOyw0_JEgwOLMIk7ERNdpGvHvH1PpxdmiEy5TXu6be7E8ajk2MZLRCO39JKbobp307yNcSiNctHzFcICvd-m72G6WX6lAEXloUfDb2Jd_wWAR8Tf5eek3xXL47hMd-ZnrcdKkpWQON-9m6S3g6Ui2pcEngzLwEuXKiqVrTf8iR9zKHmQ6Q-p6ki2_iVmPohAI1rvan90C87PWIJh2cByXGQVNZIwd9ZTkLAT8YrgW1fg8p9gU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1978 0
0 45ms
44ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=4213584432881159&rc=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 60DA 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 23:07:55 GMT
expires: Wed, 08 Mar 2023 23:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 67B5 783 B
535 B 26ms
25ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

50ac5707cba8679a020b467f708bf17ccbbec09dd8371bcf5080b90938c07d5e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QClgHWLzAe9UPOHcvPGL5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 01:46:05 GMT
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QClgHWLzAe9UPOHcvPGL5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AF2 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93CD 0
0 46ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrQaRFv1dlt5q44ApHmwS05Gcbnqw5JRVlwFKzsCvJLaEs1p8TBRODN4pmyd50IZIeFeDtFsGNa1ryCIoipKRcUBOcZRgaioDtac3O0s4GIWTcDccpKWMUy-V-G11u9VmcOIGHFHPf65tFVr1Wvh2ytVOxLe2AsKLniOp1xb0xKY_TS7qktpaFDkLcBSkAmNpm0dijXj7-tkxeBIPf5gH14kpXLb-5O3J3YtKII5nhc5oeeFckZSa1rEiGi_t6kHzUueRJ7q9Gzf4VgaaQ59bd7ExERPJEoWckvgYfxChvxKsTxjKQ8AYPGFQftMRPGKCkux6O5JBOC5WCE2lWpA7oKxlpjIo&sig=Cg0ArKJSzLP77kFDHgSMEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame 93CD 3 KB
3 KB 111ms
109ms Script
application/javascript 52.216.143.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:07 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: Z2DB5S3V264VWC63
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: fntwxBuGOY1kwPRcgnVDsef7ts00UWGTjvG/iXFArMJsw3SvbYGBfr2dwnV+ZPhPzmgBoP/b6e8=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame 93CD 311 KB
311 KB 109ms
108ms Script
application/javascript 52.216.143.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:07 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: Z2D2ZSA5V366N3CV
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: U7k+A6rUK9popk1NnORcKD1+ZPRr5Dubs49W24vfIjbYqaP6LCvcFnaGfLKwKjszJN7hbW6Gh8E=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93CD 124 KB
38 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3725 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOQIELfoqfgK58J8rDrYCCEXFJa3FLFKhcazGCafl3p8Vh5aODAP5NFfRA_WYb1XInN_e0U74RttCMCm72lHBxwuTcj9rre0zGdtqvvPBYo9E64AzzuGOs6ao5_hqKBwxX0J2YNx9KRhMV7i8ovP3hCichYN7waikwZ3ZC1u03ppRvjYgUUOX2hMNcy0GdG82VDoacKXjb2EdgY4SdQH6WwEApVB5M2bzEroeEZUngIR7d5nJzTcpUbctJV2JD9uHxdp06SgXxtsoCg36iMijjovW2kn2sXt2wBCVlSQKxG_IsILGe722IdChTwqgoHwQNfY8RsQf5wt-Te86M1TmuzNIUvA&sig=Cg0ArKJSzOm2T5BzFPSbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame 3725 3 KB
3 KB 202ms
109ms Script
application/javascript 52.216.143.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:07 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: Z2DAQEY2VATBYQWD
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: i5sSSXiV3EMRpe7YT77+kskSK7bjRtoDMHIJMIyHDrIcMHMbRwEvbduL7MsAIPQCOi9AwnTRXC0=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame 3725 311 KB
311 KB 311ms
109ms Script
application/javascript 52.216.143.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.143.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:07 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: Z2DAW4FB3YQVBP4T
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: AErFmlDYGa3PPXGGrAaUORVmYZPLjDRaS0Bw3rEvvKrrNmPhgGWVI0wKEGaCQgjuOyEdrGzlJTA=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3725 124 KB
38 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:06 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 60DA 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 19:07:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 67B5 0
0 43ms
42ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=2709920577011970&rc=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 5C97 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 5C97 0
0 15ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7plcCFgN6h0M4mTCKnAR6h0M4mTCKnAUAAAAGBvQHG0JjzBikFWuz2O0Gu9FktFyMlpPNZLGYDIFDaIwZg7RibRa73WA3moyGi9lqsFrNJqPVFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43BNKi6XT4XPd6idnv89z1PrPf4rfrzH6L367xu_1qh9n11jk8h4flL_h7Tn-l52X3OPxukcstelieNodb8LA83ArPwy1ymU0Pt8zvdAteJqfJ7xa53Aq30-d3i1xuid_s-dsdlr9daHqb_avT29_5uy4fl3vu8n3OLtPpZbmpTm9_22Vyut7uldvhNNtUp7e_43AbHk6f3T13-T6nh-XksgMAAADAA0DV0wLEDyAAQAQAAACABAAAAABFQMW_hcAFAAAAAAYAQmK4BgAUh4K6TKeX3eLwGP0BAPCgAAIAIIBBAlDAe1oC8HE2cwIAAAAAAAAAwPL___8fM0CvtyADIPKe0wPw4APwQFSgXMQIAAAAIBvo8uNoUidUFlUAAATpVgBXAAABf2xa0GxhAAAAA2ML9LD4_WaHXeN3uwwAAAAAAAAAwOz_7B9NCChTMy3IqCdO7RcQAGDtFxAAgE3dAADeBOCCjqAVg8HqFGI3nA12k8FwNjsAAACAu____389kJgNJq6JyeFc7GaeyWxjsVlMDt9uNZp4nAvnbuI9jRp9Ue0sha6-EGGZ_b6DgnJ6eswug6joelvsDqfZcxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPI5QAnYrBcTiaLyW41Wo02w91oNligQAwmSNGiwWQ1Gk0Wk-FqNFnNlovdboMUrVrNRpvBcDWbzHa71XAwXI5GOGGL0Woy2SyHs-ViMhiOhqPREGFstRlsdhvDWmSxmdaikWO5Fm58q7XMM5l5bDOHYeSxrUWvj-k5WQw3ro0XBQPa9iK4SCcqk9P0tzx8Zr_F79b7zH6L3yKWaE4W6UR22Tdmg4lrYnI4F7uZZzLbWGwWk8O3W40mHufCuZv4a6vNYLPbGNYii820Fo0cy7Vw41utZZ7JzGObOQwjj20ten1Mz8liuHFt_I3ZaLZbDjaz0b4xG812y8FmNtp36Azf1edslG3PKY_ONtnWYsqY-aBwGSzen8S0mHZnB9Xvd3QKDdNlUWc0_rxHr0HhOXhUi781LOwcltXZtqxwHAyKWCI4XaQT0ct4uoglkqdFOtHYjAvfyDZzzFyDwW7jcvgmvuHKuNoMNhOTx7eyiCVK00U60asdZtdb5_AcHpa_4O85_ZWel93j8LtFLrfoYXnaHG7Bw_JwKzwPt8hlNj3cMr_TLXiZnCa_W-RyK9xOn98tcrklfrPnb3dY_nah6W22qP_YIIvdXDaaK1aLuWaxSgAAAAAAAAAAS5gzbwIAAABwGsxutdytlgsg8WepCwwCAAAAAACwixlvrbZJEshS3PjxRJmcpr_l4TP7LX633mf2W_xWBpBwE2Xe7Jkg1mq1rAEAAASwAQAAArh18xagIskB!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 5C97
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
645 B

102ms
102ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XH5515RNVVKZE9BJK146
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XMHZ0Q06B7JHBPXRX5BS
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C97
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTNlOTZlY2MxNzY1MTUxOGEyYjQ5ZDgyZjI5ZjZhMWVhNmFmNzQ0Ng&gdpr=1&us_privacy=1---

170 B
190 B

18ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTNlOTZlY2MxNzY1MTUxOGEyYjQ5ZDgyZjI5ZjZhMWVhNmFmNzQ0Ng&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTNlOTZlY2MxNzY1MTUxOGEyYjQ5ZDgyZjI5ZjZhMWVhNmFmNzQ0Ng&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5C97
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dQMEYtTS1JWkFU&gdpr=1&us_privacy=1---

170 B
190 B

20ms
19ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dQMEYtTS1JWkFU&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dQMEYtTS1JWkFU&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 5C97
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
645 B

32ms
32ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 93WQN4FGEMJM4Q3SKF91
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 76XAHRYEZQV6K2C4GPPA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5C97
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGP0F-M-IZAT&gdpr=1&us_privacy=1---

0
944 B

229ms
211ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGP0F-M-IZAT&gdpr=1&us_privacy=1---
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CDEEBE24A907415C9C5FE1420BC801AE Ref B: FRAEDGE0813 Ref C: 2022-03-09T01:46:06Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-source-fabric: prod-ltx1
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXZv0LLo5bdtDzRWCn6cA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGP0F-M-IZAT&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 5C97
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/e-uFMhtzeoQMg94GOHuqoA?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=586152051782743622

0
239 B

7ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=586152051782743622
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

Redirect headers

date: Wed, 09 Mar 2022 01:46:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=586152051782743622
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
58 B 32ms
29ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e90228c795f020d-ZRH

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 57ms
57ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90228c187ecc4a-ZRH

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AF2 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?85hEIQ
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 93CD 134 KB
36 KB 7ms
7ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 359
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1G7XE12547NPW9G4CZJ3
date: Wed, 09 Mar 2022 01:40:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: D47uOnYDG4dmDzKxmLZYf_QWmmfWDZwC9N14SjNGzIALTrrYjfhbzg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 93CD 385 B
738 B 6ms
6ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
age: 3744
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 385
x-amz-cf-id: 0bFOyEXupzyv38ufeVagGWFEQ0NdjtWJPRpBlGnrzeV-5bWWEuH9zg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 93CD 6 KB
3 KB 7ms
6ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: obghRJytUq4PHC1h-v3vPWRZla-GTtwxT2o8z7XV9XRaiLQbwE5zvQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 93CD 38 KB
11 KB 10ms
10ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:02:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 981501826

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 60DA 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SXAoNw
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 3725 134 KB
36 KB 7ms
7ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 359
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1G7XE12547NPW9G4CZJ3
date: Wed, 09 Mar 2022 01:40:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IpXRA9CsyM6y2aSfihtwl_5yhyHTyMH9UpOyuGX7My-Ab2ztovCgtw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 3725 385 B
740 B 9ms
8ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
age: 3744
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 385
x-amz-cf-id: N3NaR7VllyzFQMJvxPhp5TIpHQ5ubQHrRKzulPZ-j9JqwKE4gPlbRQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3725 6 KB
3 KB 9ms
9ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Wed, 09 Mar 2022 01:46:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: Zgn1EAj2FAxO8Bel-wZgYTt7j7OConLhKXaljcnVZDIxkyUMhh3Hdg==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 3725 38 KB
11 KB 10ms
10ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:02:01 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 981501826

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-oglobo/log/3/ 0
215 B 18ms
16ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/bulk?tvi2=4948&route=AM%3AAM%3AV&lti=deflated&bulkSize=4
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1646790366.333529,VS0,VE10
x-served-by: cache-hhn4078-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
733 B 6ms
6ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 9107
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4078-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1646790366.364101,VS0,VE0
date: Wed, 09 Mar 2022 01:46:06 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 18
x-cache-hits: 355

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 93CD 144 B
1 KB 167ms
167ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b989715b25a21c6bdc168a4c56fd856f7bea0a9e59429808702caa6ea40e2ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3dd3c37d-e7ae-4d2a-9880-419c05a11d5c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 93CD 0
65 B 102ms
72ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:06 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 93CD 416 B
879 B 81ms
81ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1798354&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.970x250.inter.cdmx&tg_i.pbadslot=138871148%2Foglobo.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=93655302-3cd2-4973-9d40-81f1b50c2b24&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8284998836623043
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2c9b7563c99d47d902415da96e8c74a54abd43925ca384c4d4f0bfcac74797e6

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 416
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 93CD 23 B
526 B 17ms
17ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 12c664a3b4b5c71587b35a7a5d7fc67b66594cb75f67463a106670f2ee8f2055

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:06 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

GET
DATA 200
OK truncated
/ Frame 93CD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f57ee71c9412b03eab8d6468f1e97f4ed8510da38489bd3f78518331d124b845

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93CD 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2hfGQ1cTFzkHQiCxGIWjAHaA52Vh9ioCaswawfVkjWvH11otowGX3dpOvIj8OcWFUfkIoW1WrAUK1UJo2RQGwAktKgaK_gZdtuaI8IsdNEdeDKIIM2TCEJOvaBBSCUXIJKZJ7E1qJAFOEzPMIbZvMCByKWb6liv78kR5gP40JX1vv3MxbthMcRPkETYmwsYt61Vf5U6yXY5FkIieGs8GpByrFZU7XCHT4ESDGFHTzXKMG54L9kdpkTpD_4S6SrNYMpzGnNmWmA5ABvfnZaTo-x-huHPYDTg8qfyu-hSzcIju3NwsbPbSnHmIEjFZmTjuAO61_pz_di8akU91ynVyA4pAA8r19dQ&sig=Cg0ArKJSzK4eeXxy7NqjEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:06 GMT

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
35 B 31ms
30ms XHR
text/plain 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e90228f7aff020d-ZRH

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 56ms
56ms Preflight 2606:4700:10::ac43:c60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90228f198ccc4a-ZRH

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 93CD 23 B
497 B 45ms
44ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=F98AjGh7cthgM&cb=0&ws=970x250&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: HSFMXBZPH2E4PPVQ26F5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: kCfPk8U-dwBgmx7KXXjD26rts4t-Pl-gMwsDaD3_6T1gDA1jgR4jEQ==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FEAD 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhhRrUORY2abWj8aWY4Txj88rVQ0uZVoBUvpaWoO4Lrt0Ke7BVQ0zQNFTRQP0QdQJlQuj6RMdqPaXo-WyX0PYkLYENq1P4Fqi8q26NxjX_pI6MYtwmYQ&sai=AMfl-YQvvz9WJmYLIkR25Wkdzgl1R0MxZR4TugcCsQ5_KM9kq_Y5LzXvcUF9QtfyKKySRTgCoC-cK9LfUzKoAD8wvo0B1NxUFrRsjJbu5PmncteSuctV2UY2SacK30Kv&sig=Cg0ArKJSzKH2HAqKV5V_EAE&cid=CAASJeRo0y5W7P-Jk4Y2UxZ2LOOC7dMkztPnGTbJ7gM-KlQM2k1PtZA&id=lidar2&mcvt=1000&p=307,1126,557,1426&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220307&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2282096486&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646790365405&rpt=176&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f9cf7728efba273543d40b9be95a4542.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3725 144 B
1 KB 94ms
94ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9104df821b1bcfa349a1cdfafcdd9bbc227e79bb556936f7253772ea83767415

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6e0d57cd-c859-4ae6-95ab-a05df7ce70a6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 3725 22 B
525 B 16ms
16ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 0a5548093a9eff91c3306e35efacf7156c0aa8044dffe79ca7211497077d5490

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:06 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 22

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3725 407 B
870 B 85ms
84ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&kw=%2F138871148%2Foglobo.globo.com.dw.728x90.inter&tg_i.adunit=oglobo.globo.com.dw.728x90.inter&tg_i.pbadslot=138871148%2Foglobo.globo.com.dw.728x90.inter&tg_i.dfp_ad_unit_code=138871148%2Foglobo.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=2cf3f77b-f6f4-4050-8acc-f4bb867383f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11264277990194094
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: db08471dae228e40f7625755951de77b5ec3a79eca14ca1e5f98d5b89478fb13

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:06 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 407
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3725 0
65 B 40ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame 3725 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2aaf6687e15360484c96b6e7ab7778690c001a40358741ff168fb7ca16c026f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3725 0
0 45ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukKOUsYRDKolXsVCM7pwGJYfJuLUHwCL4DgU03dm6K-nKqAa8xbQm1zmph6CBZCabG2WudTb6uAOJFnD60OHiFO2N5V1yzj-6XvCCEFqIrWH3ReV4iLBmsG3ZEdAB-tS625LKvfgCLUqdzzJlehTflVrD_ZkL6pxpKFhsF8okNbWe1DUjwHbuYZx9t3FvT12J7NHnyxbKNk9tG5VTwlbdagp4BY3ubaIL7HW-ZKFqXAu-9BKKUYkPfYIY-3Y-Dm0bPiyI9C59Z2HDCP3-rr7MwgfDHKvfl3CkzbP-nsf0VxNIa0tA4W_-bWoV9KrA49iNiFj6WjieLlSoTR3e4ciFz6zxSZWSZ&sig=Cg0ArKJSzDHkGyltjNd4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:06 GMT

GET
H2 200 OQER25S.png
i.imgur.com/ Frame 583E 270 KB
270 KB 25ms
8ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OQER25S.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7740eedfa43b13a0c0ef57c77c72240b994238b5a5da8be3a9a32e3bdab60aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
age: 666892
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 276441
x-served-by: cache-iad-kcgs7200146-IAD, cache-fra19170-FRA
last-modified: Mon, 16 Sep 2019 22:19:23 GMT
server: cat factory 1.0
x-timer: S1646790367.661131,VS0,VE1
etag: "340aeb974e84b0f941e794593116cd2d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6FF6 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=4213584432881159&bg=!i4iliMzNAAb7UztL-1M7ACkAdvg8WhnJdI65M9am5GiSt3RLq_EXvEAzQ0RtdmzCEUXOOK69rnj6ugIAAAC0UgAAAAJoAQeZAvM0CvpnLC76jZAhPbManilNQIKl14TDq3sOJISyYMJg8fFRUmKCqt1EQGbAlccZONgmPc86Psj4JLwS_RihASp8QiHdvjv-dqf7Rnv2gqT2AFF9FOrmkfYzV-zDDcsVGDu0bZZfKOV1KwONSic_nDF_9S_jhBAqaPKSVEJH6wqwqwJQbnnYhBa7JmXEDXnbYA8s3hmXTd7huR4BrYyn42vY52vuEx7ydEX-FhGr7B9rKTkLZ6xz17za1hg7Sxq6sqnHB9weqpcE_VamwcEBd9434r8LBM8vCsd17gxqysXYabDwngf4MFnfqgb_WdinHV3SBoNZq9srfCjpWByVrvJUHvNAaE38ZYQttAn0XFSDK46hxfKSS48WmOEfKeB58dkCmUci4-l7tpvjym4xRHAyzAm-JqCcvTMLEfWR4X0qExmzENA1S22apavlXnIxjg_kwbTQ2Wu-eZGyNLADSToLHSHfud9k0wOBTouLZKZDBDEdBxGkgWuqSIfmNBuYpRELMpBHP1_B1MpjkbMeTeW-0PLrziDKYyRYEMNWhRde3IP9jaDSFc7OKwlMymhWm5xknlQ8Bg2uiNjoTJNxhneH9bnq7gCg9Pw6BKzL6n1Vsh3cuMSPLrTMlFyRGgL5ZfIW0gcGHX0pSXbC-TNKIWUnJ_eFdn2y-Kj8qAZovoIcMP7WHxgP5_08Kgq1sAwI5s1us3PdjpA3RdXcvOXDpBE81wS01ELhxsIOkEUJ4QF3NP4ScszZYglvS7BMqhmgsYbFxvhDif0OOG7PYcDRXNQjmY4hLDZXOpruIn9QY7SkSVIQuK5MUX20OZOsCFEkApqy-OEUP1jbW2wIzS-A3NJAgu4hor_6YOQw0HwWkeivRG6LfP27iyzCj0mMKzEybGPDqYPByk4xwu6evSay_kN2-_8GV-plWhviOAvGL6KX_OYSTopjeCyEDld_59-n5I4AbklbmQM0EGVt6hwOGF5IgwdEIaSlKA_gdG9IwjMCV3S37g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9F88 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=2709920577011970&bg=!jI-lj8vNAAb7UztL-1M7ACkAdvg8Wqkozwt7TzpZVEhCRGkQhZGcee9-r-Xhnezha0pK2eKrtb8xFAIAAACRUgAAAAJoAQeZAu-AAArBIP5U8vSLs6tF3EedRF2TJbYcfZ6V9Cjt3BId6ZkQiDtvKOt7XMRAJyZZ_eGjPt1ota90XaOCK1nNVknhqNOHYducd0VlJypYXZElxyCXqZsZ0jzf1pCTjz6N-dzXKruHp_Kl5gMhvDBzYuCg82v_NjY51DfzeTF7rf8PbkElGXc1Ia1OlP9es5_YXTAQoxQba2KM_WtqFW74R_9Fp1-IKLV1RtK-m3laoxNaGmXWqADblGAIneFKC3YH1SFOE_K8LjCXUbd8CPn-MVd5Kr8NCYUF1IZ6_JklHjf0PwPSsv7qoO3tl55tWyf2i5hKtZ2Pdc5IZs9yXMgBDqprG4AC_ocOh-neOVHL_z0NqWoRnQvBsZNe83wS4J9iFEsARu-ivlKXuiCk1iw21btzmMYRdKTdtKlTvZK1VL0vk5rwShQCyM26ZGlkO_nw8mzea0u2nCzluTZlLknKWxZ1o2tY60863QOe_edW0ZVyNRZFXMidSs4j8Yn6wKtTUQ7XbR6DgcD119yzuQgQ6TovLCZTwZ6XpFKWVJB0lzTF_i1BV06eLPgwAuCYg7FJ243PoI0saak01AaWl2WugRR30MdwRcAshN1ROldSRPFyfrCFsqmoJ8J6kQwhlHNcdrOVuLngiVJ1Rwcdjzp1N-QLqqxMIOZN_ZQ18BPeRAHjvpL6hahHd3zRU2iVwlmFXtx3H52WO7AL_HkpRsszZgvGgj-fM52ZP-v8QNQUEpjc5NBnmjQJCVSjJKM_P4z4RpvPxLo4JOtlfo84VzfMmqfQbz4ZBtS5d89CEDdGEjsIddELtlEzlzsvaaxo_j3kixdHED6rrngIGFYB7OJZHSsDSm54MzG60wBlSHBSUkvXCEsBQdoPdNFXz6OWdUYaF1vsqDElFG_8mA6IZdGNYNjPaUA5JzcpQ2RgLtMda618s6yAldIuGAtifQrISv1ku_oPKOwLHLgNWvW8D2ZyTflpdCEi3AS_Cuu1uR_dLQiF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 3725 23 B
497 B 91ms
91ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=nqJoyOgRpWQSo&cb=0&ws=728x90&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 2T9CWGE7V3ZFKDS9JB54
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 0uESM_8ITJ1gMkgnDoT4SSE9q7K94GGROK1NG4JvU_DiB9B6tFeEIg==

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 29ms
29ms Script
text/javascript 54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 69f56ee1ae09df8bc09ca18b9720883ab840b4f1a02b3992562e41900fe628c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=49 t=1646790366
x-served-by: beacon-n005-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 363 B
509 B 104ms
104ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ff9d6c17143d8fa6f68a55ed36654bf5e53055c29b7b6313b7bd6cf36579589

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a003-ash-prod.krxd.net, cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790367.748714,VS0,VE98
content-length: 281
x-cache-hits: 0, 0

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
310 B 35ms
35ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 65af1fe8b12524bc50639c16e7915729b00a53c96730de2c3184ad51f153cd07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a003-dub-prod.krxd.net, cache-hhn4059-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790367.784038,VS0,VE29
content-length: 187
x-cache-hits: 0, 0

GET
H/1.1 200
OK 728x90_blue_ENG.jpg
hcode-marketing.s3.amazonaws.com/generic_cr/ Frame 7F60 80 KB
80 KB 402ms
111ms Image
image/jpeg 52.216.107.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcode-marketing.s3.amazonaws.com/generic_cr/728x90_blue_ENG.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.107.12 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bfb2b363b612416c899f6e75ed4bbb046008df170337c9e63a94756700098723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:08 GMT
Last-Modified: Thu, 24 Jun 2021 22:30:51 GMT
Server: AmazonS3
x-amz-request-id: STHPVHTHCVW3HNYG
ETag: "86b5594d696ba0fce31a8f428b841c6d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 81859
x-amz-id-2: XxdbPCauj7eL1vSmyChUeg+2YDmHVnl8d0MXrV9ewzPyZTdmsufVVhSfvsmOH5tOgLocf+/KvP0=

GET
H3 200 467226423720066 Show response
connect.facebook.net/signals/config/ 308 KB
88 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd102a9e8d7faca0ba40e8915723d0452fd50736c74dabf19e58f0c1a9cd6f32

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89563
x-xss-protection: 0
pragma: public
x-fb-debug: 3gD2MSXof8DiXiLKw9xkuAF1rjkfRquybn8iEjvfIaXGXBP1Ic8KbS3VMiXmeWldb/Re2xjL2pQ7/ERC4/47AA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790366845&sw=1600&sh=1200&v=2.9.55&r=stable&ec=4&o=30&fbp=fb.1.1646790363269.304684564&it=1646790363138&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790366846&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646790363269.304684564&it=1646790363138&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:06 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 29ms
29ms Image
text/plain 54.229.130.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=oglobo.globo.com&_knifr=16&_kua_kx_tz=0&geo_country=de&geo_region=by&geo_dma=276005&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=32056618323217689173&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=by&_kua_kx_geo_dma=276005&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TWfFv%3A4%2CNu7TXzvm%3A3%2CNu7TXc5X%3A1&_kpa_url_path_1=malu-gaspar&_kpa_url_path_2=post&_kpa_url_path_3=isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&_kpa_meta_site_name=Malu%20Gaspar%20-%20O%20Globo&_kpa_title=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&_kpa_full_path=blogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro&_kpa_subdomain=blogs&_kpa_domain=oglobo&_kpa_utag_editoria=politica%2Fmalu-gaspar&_kpa_utag_page_type=post&_kpa_utag_produto=O%20Globo&_kpa_oglobo_utm_origem=newsletter&_kpa_oglobo_utm_midia=email&_kpa_oglobo_utm_campanha=newstarde&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=394&t_tcp=464&t_http_request=-1&t_http_response=447&t_content_ready=5577&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w7nfaj7my&_kurl_=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&userdata_user=OtNC_FUY%2Cw7nfaj7my&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C69%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C40%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C105%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C37
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.130.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-130-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=142 t=1646790366
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 64ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:46:07 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 9ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3241
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by: cache-hhn4078-HHN
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1646790367.283588,VS0,VE0
date: Wed, 09 Mar 2022 01:46:07 GMT
vary: Accept-Encoding
x-amz-request-id: 6CY1FG8Q11T7G8KE
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 1078

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 9ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 1794
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by: cache-hhn4078-HHN
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1646790367.283667,VS0,VE0
date: Wed, 09 Mar 2022 01:46:07 GMT
vary: Accept-Encoding
x-amz-request-id: 4QYNQ0077R21PYSA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 18
x-cache-hits: 593

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 52ms
16ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 8c25a115a76cba794c549e00c8b10f455a2c559d6c4368680224e57b987a9a18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-mxp6955-MXP
access-control-allow-methods: GET
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 262ms
86ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c&uad=81edffc3888c648a2ef4322e49ab1472d8e818a2038ec4b282d6dfd019f283ed
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 09 Mar 2022 01:46:07 GMT
Cache-Control: no-store
Server: nginx
Connection: close

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 9A54 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 01:46:07 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 64ms
31ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:46:07 GMT

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 2 MB
555 KB 975ms
974ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5042161c4a24ceca086995677e9d8a23e7270065023c81dafee83efbb95cf18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-openstack-request-id: tx10ff4e3aba57447fa96fb-006228022f
last-modified: Thu, 03 Feb 2022 14:54:40 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1643898583.000000
x-timestamp: 1643900079.58871
cache-control: public, max-age=1800
content-type: application/javascript
x-trans-id: tx10ff4e3aba57447fa96fb-006228022f
x-request-id: 58376615-cfb6-4459-a60e-1206bb441756

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3725 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswPcdszAio9xFfH05NiJkfHvWpikqw7MqGz0VPdJS8_NKrTGJ2ePPe6T1AeMD44Vl-rtek1c3If2-Dc0a7g247a1JFxddKXWl3j5WCxV35QRYWSXum&sig=Cg0ArKJSzFdos1zpJ22pEAE&id=lidar2&mcvt=1000&p=133,436,223,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220307&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=436941508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646790365991&rpt=639&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 wl Show response
t.pubmatic.com/ Frame 6FF6 17 B
187 B 43ms
12ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ Frame 9F88 17 B
99 B 13ms
13ms XHR
text/plain 185.64.189.226
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
DATA 200
OK truncated
/ Frame 85D5 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 stream-locale-pt-BR.c1dbd14345e5f105ed6a3aab257eafea.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 85D5 43 KB
13 KB 2293ms
2293ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream-locale-pt-BR.c1dbd14345e5f105ed6a3aab257eafea.chunk.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2ba053159f3ed7c3417eab551c45fb9ed82a2c81e0078932173bba0f13e0af98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-openstack-request-id: txe1ff08d4a03e4e619b775-0062193a0a
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47186
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.09748
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: txe1ff08d4a03e4e619b775-0062193a0a
x-request-id: 5dde30a0-cdca-4584-b39a-a0a0b9338e0f

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FA0E 52 KB
17 KB 130ms
30ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:11 GMT
Date: Wed, 09 Mar 2022 01:46:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3D89 281 B
554 B 19ms
18ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:08 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7D77 52 KB
17 KB 128ms
29ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:11 GMT
Date: Wed, 09 Mar 2022 01:46:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3D89 32 KB
10 KB 29ms
29ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35999
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Wed, 09 Mar 2022 11:46:07 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7D77 0
731 B 17ms
17ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d93863c2-fcd4-4580-8e79-a36e5062fafa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FA0E 0
731 B 27ms
27ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 588d9568-4a6e-437a-8297-6d4e91ff5f9b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1E8B 281 B
554 B 29ms
29ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 41FC 15 KB
6 KB 61ms
57ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=36438
expires: Wed, 09 Mar 2022 11:53:27 GMT
date: Wed, 09 Mar 2022 01:46:09 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3B41 52 KB
17 KB 58ms
56ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:11 GMT
Date: Wed, 09 Mar 2022 01:46:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1E8B 32 KB
10 KB 41ms
40ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35998
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Wed, 09 Mar 2022 11:46:07 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3B41 0
731 B 50ms
49ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 84784fea-66c5-4d9a-9445-a986446287bc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 41FC 2 KB
3 KB 182ms
64ms Script
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=82574184&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 30f41dc0e769cc424fcd68b5376f177debbe7b44993a00b0fe98c625f5bbe67f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8EFD 52 KB
17 KB 79ms
77ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:11 GMT
Date: Wed, 09 Mar 2022 01:46:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7DB9 15 KB
6 KB 66ms
65ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=36438
expires: Wed, 09 Mar 2022 11:53:27 GMT
date: Wed, 09 Mar 2022 01:46:09 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C281 281 B
554 B 48ms
47ms Document
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C281 32 KB
10 KB 52ms
51ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35998
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Wed, 09 Mar 2022 11:46:07 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8EFD 0
731 B 52ms
52ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1d9cc8cc-5c02-485f-929e-2435deb6bce3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 791C 35 B
467 B 65ms
45ms Document
image/gif 37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=5A686C50-F385-4522-A8C4-FE1EE8F6C88C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:09 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0B96
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ab86228-06dd-4400-87b6-fb86c8bc6cd1&gdpr=0&gdpr_consent=

42 B
341 B

181ms
66ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ab86228-06dd-4400-87b6-fb86c8bc6cd1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug020:0:400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Wed, 09 Mar 2022 01:46:09 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4245 b916d47 master cdg-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:9ab86228-06dd-4400-87b6-fb86c8bc6cd1&gdpr=0&gdpr_consent=
Expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AB10
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5594663948572994553

42 B
211 B

44ms
39ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5594663948572994553
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:10 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug013:0:446
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5594663948572994553
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 8A8F
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
187 B

112ms
72ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:09 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug010:0:470
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Wed, 09 Mar 2022 01:46:09 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Wed, 09 Mar 2022 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1050727
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D399
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072910782518261901

42 B
520 B

105ms
65ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072910782518261901
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:08 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug019:0:375
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Wed, 09 Mar 2022 01:46:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7072910782518261901

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 41FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WmhsUPOFRSKoxP4e6PbIjA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

43ms
40ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=36437
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Wed, 09 Mar 2022 11:53:27 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 41FC
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ab86228-06dd-4400-87b6-fb86c8bc6cd1

0
260 B

181ms
73ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ab86228-06dd-4400-87b6-fb86c8bc6cd1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:04:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 09 Mar 2022 01:46:09 GMT
Server: MT3 4245 b916d47 master cdg-pixel-x9 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9ab86228-06dd-4400-87b6-fb86c8bc6cd1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 41FC
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=5A686C50-F385-4522-A8C4-FE1EE8F6C88C
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=250813e726cfafe233be3774ee01a3c2&gdpr=
https://spl.zeotap.com/?zdid=1332&zcluid=dca83e11a91560c6
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fd83f6e2-eda6-4b96-7f99-6e115b03261f&reqId=a79e1e6d-fa59-42e7-723c-9ea866056837&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEDYkxMCtWVXUHc_FNtMxG2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fd83f6e2-eda6-4b96-7f99-6e115b03261f&reqId=a79e1e6d-fa59-42e7-723c-9ea...

95 B
163 B

61ms
60ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEDYkxMCtWVXUHc_FNtMxG2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fd83f6e2-eda6-4b96-7f99-6e115b03261f&reqId=a79e1e6d-fa59-42e7-723c-9ea866056837&zcluid=dca83e11a91560c6&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6e9022aa3eaa01fc-ZRH
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEDYkxMCtWVXUHc_FNtMxG2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fd83f6e2-eda6-4b96-7f99-6e115b03261f&reqId=a79e1e6d-fa59-42e7-723c-9ea866056837&zcluid=dca83e11a91560c6&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 41FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUE2ODZDNTAtRjM4NS00NTIyLUE4QzQtRkUxRUU4RjZDODhD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
341 B

168ms
67ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:323
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 41FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEiA_8mEjfPuH05eAsCz-p0&google_cver=1

42 B
280 B

168ms
68ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEiA_8mEjfPuH05eAsCz-p0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug027:0:578
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEiA_8mEjfPuH05eAsCz-p0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 41FC 43 B
409 B 59ms
57ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 08 Mar 2022 01:46:09 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 41FC
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=479309700090018596

42 B
232 B

181ms
66ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=479309700090018596
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:395
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:09 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=479309700090018596
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 41FC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76d388c0-c5d9-40f4-be78-96af4a2bb761

42 B
450 B

74ms
72ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76d388c0-c5d9-40f4-be78-96af4a2bb761
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-store, no-cache, private
x-lat: amspug014:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=76d388c0-c5d9-40f4-be78-96af4a2bb761
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 41FC
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3724626452339462965&gdpr=0&gdpr_consent=

42 B
312 B

189ms
67ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3724626452339462965&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug030:0:410
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f771995f-34b9-41b3-8377-c9d2d5c6a938
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3724626452339462965&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7D77 0
731 B 74ms
63ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 583f795d-fcbf-4c64-9b8a-7c621e2240be
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FA0E 0
731 B 66ms
61ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: eb3b3ce6-e4a1-464e-aa25-f634a33ed4b0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3B41 0
731 B 36ms
36ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 22bedf07-ce43-493c-a54a-e42280b8293b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8EFD 0
731 B 65ms
64ms Script
text/html 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c67863c-d202-4516-b5dd-8509dd64d292
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
122 KB 372ms
224ms Script
text/javascript 2a00:1450:4001:800::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f7492476dfa60f0146889b13e37c67fd1a70e42e6ddb017c0c08e25148fd8985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124424
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:46:12 GMT

GET
H2 200 ima3_dai.js Show response
imasdk.googleapis.com/js/sdkloader/ 427 KB
142 KB 159ms
14ms Script
text/javascript 2a00:1450:4001:800::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5141781ae3fd5addc6cfe635f6d63ff49c618c8b4de29c02050bfb1c1c20c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145086
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:46:11 GMT

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame 85D5 205 B
483 B 292ms
285ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=26ec6fb6706a50ae3e592654f5dc4518&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%7D

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2616c4d2f261d1ec5e5ae14ec213bc12b4969dff1a9bf6c3fa865752cc806159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: b2b3d910-9f4a-11ec-abf1-1f5f2d1ca2e7
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b2f723a0-9f4a-11ec-83c4-fb586a20347e
date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"cd-/3iyW4t4akcHRBACmomqCfpFjaQ"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame 85D5 2 KB
1 KB 295ms
276ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=81fcfa8ace817dce2f37c314891440d5&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22storyMode%22%3Anull%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2e4b90cb4fde57261da0d6281ddb4973a819c7ae47b71ac3644e8c5fe7f72be9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%20%7C%20Malu%20Gaspar%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: b2b3d910-9f4a-11ec-abf1-1f5f2d1ca2e7
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b2f8aa40-9f4a-11ec-8bd5-9342483bec80
date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"878-mfpm8GGttIzPU0mszydbMwuYDPM"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 85D5 10 KB
11 KB 765ms
244ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
x-openstack-request-id: tx146dca0fcc7a448dbe1f4-006065c663
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0AB24042
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 10284
accept-ranges: bytes
x-trans-id: tx146dca0fcc7a448dbe1f4-006065c663
x-request-id: 6fd4b75c-9b0a-46c4-bbb4-eeef4fcd7cf6
x-timestamp: 1561484121.35690

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 41FC 0
260 B 105ms
39ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157163&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 60ms
59ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df0333bac1a762f153076c8f1b1b55c81a7a2038f70bfbc2df5337fd35a7cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10538
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C2AF 13 KB
5 KB 73ms
69ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=blogs.oglobo.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2357
date: Wed, 09 Mar 2022 01:46:11 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:12 GMT

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
230 B 45ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&tvi2=4948&lti=deflated&ri=cf8a7d6f1f5007cea7b78e85303bdc7e&sd=v2_160b5bda917f326cbfbda7754bc9a97b_653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c_1646790364_1646790364_CNawjgYQlv9JGNmd6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=653037c0-dbf4-4d19-8c75-f32fc6fa0dc6-tuct9218c5c&pi=/malu-gaspar/post/isencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html&wi=-7425918557199498964&pt=text&vi=1646790364889&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Isen%C3%A7%C3%A3o%20de%20tarifa%20para%20asa%20delta%20foi%20pedido%20de%20amigo%20de%20Bolsonaro%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Sem%20Autor%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2Fel2nXAIMf-MFP1dx9wU0IUt-_fM%3D%2F640x424%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2020%2F09%2F25%2Fa.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A46%3A12.280&id=9495&llvl=2&cv=20220308-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame 85D5 2 KB
1 KB 277ms
275ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=cf0bfa0e60dd576a3908cde9a42cd1f0&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fmalu-gaspar%2Fpost%2Fisencao-de-tarifa-para-asa-delta-foi-pedido-de-amigo-de-bolsonaro.html%22%2C%22commentsOrderBy%22%3A%22CREATED_AT_DESC%22%2C%22tag%22%3Anull%2C%22storyMode%22%3Anull%2C%22flattenReplies%22%3Afalse%2C%22ratingFilter%22%3Anull%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS