urlscan.io logo urlscan.io
SecurityTrails logo

oglobo.globo.com Open in urlscan Pro
201.7.177.244  Public Scan

Go To Rescan Add Verdict Report
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtm...
Submission: On October 26 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 175 IPs in 15 countries across 132 domains to perform 666 HTTP transactions. The main IP is 201.7.177.244, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is oglobo.globo.com. The Cisco Umbrella rank of the primary domain is 203347.
TLS certificate: Issued by R3 on September 28th 2023. Valid for: 3 months.
This is the only time oglobo.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 201.7.177.244 28604 (Globo Com...)
36 186.192.90.3 28604 (Globo Com...)
6 172.217.16.193 15169 (GOOGLE)
3 104.18.214.59 13335 (CLOUDFLAR...)
5 34.151.224.123 396982 (GOOGLE-CL...)
8 186.192.91.5 28604 (Globo Com...)
12 186.192.91.9 28604 (Globo Com...)
1 151.139.128.10 20446 (STACKPATH...)
3 35.190.14.224 15169 (GOOGLE)
23 104.18.176.126 13335 (CLOUDFLAR...)
1 172.64.207.9 13335 (CLOUDFLAR...)
4 23.210.115.50 16625 (AKAMAI-AS)
2 104.17.194.118 13335 (CLOUDFLAR...)
14 142.250.181.226 15169 (GOOGLE)
1 2 23.37.63.179 16625 (AKAMAI-AS)
1 3 18.245.60.107 16509 (AMAZON-02)
2 104.16.89.20 13335 (CLOUDFLAR...)
4 35.211.79.33 19527 (GOOGLE-2)
3 104.22.52.86 13335 (CLOUDFLAR...)
1 65.9.92.211 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
16 178.250.1.3 44788 (ASN-CRITE...)
3 65.9.66.97 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
3 142.250.185.97 15169 (GOOGLE)
3 167.235.124.61 24940 (HETZNER-AS)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
3 34.253.64.164 16509 (AMAZON-02)
4 2.23.8.228 16625 (AKAMAI-AS)
3 52.217.204.176 16509 (AMAZON-02)
3 142.250.186.130 15169 (GOOGLE)
1 35.190.39.111 15169 (GOOGLE)
12 178.250.1.11 44788 (ASN-CRITE...)
1 3 35.244.159.8 15169 (GOOGLE)
7 141.95.98.65 16276 (OVH)
1 3 52.71.139.182 14618 (AMAZON-AES)
2 99.86.4.128 16509 (AMAZON-02)
1 13.32.121.46 16509 (AMAZON-02)
1 35.167.11.164 16509 (AMAZON-02)
5 18 37.252.171.52 29990 (ASN-APPNEX)
2 147.75.84.158 54825 (PACKET)
1 13.32.121.90 16509 (AMAZON-02)
3 213.19.162.44 3356 (LEVEL3)
1 34.120.63.153 396982 (GOOGLE-CL...)
2 185.64.189.112 62713 (AS-PUBMATIC)
2 216.52.2.39 32475 (SINGLEHOP...)
2 13 104.18.36.155 13335 (CLOUDFLAR...)
1 167.99.21.53 14061 (DIGITALOC...)
5 108.138.1.25 16509 (AMAZON-02)
2 13.32.119.77 16509 (AMAZON-02)
1 3 34.110.201.227 396982 (GOOGLE-CL...)
1 178.250.1.8 44788 (ASN-CRITE...)
2 34.149.50.64 15169 (GOOGLE)
1 185.86.139.59 201081 (SMARTADSE...)
9 172.217.23.104 15169 (GOOGLE)
11 216.58.212.130 15169 (GOOGLE)
8 23.36.232.182 16625 (AKAMAI-AS)
2 172.67.36.110 13335 (CLOUDFLAR...)
1 186.192.81.117 28604 (Globo Com...)
21 104.17.24.14 13335 (CLOUDFLAR...)
3 142.250.185.138 15169 (GOOGLE)
2 35.244.153.86 15169 (GOOGLE)
2 35.198.52.213 396982 (GOOGLE-CL...)
9 142.250.186.65 15169 (GOOGLE)
2 63.215.202.146 41041 (VCLK-EU-SE)
3 172.67.23.234 13335 (CLOUDFLAR...)
14 142.250.185.174 15169 (GOOGLE)
3 104.22.29.151 13335 (CLOUDFLAR...)
1 142.250.186.187 15169 (GOOGLE)
2 18.245.64.124 16509 (AMAZON-02)
3 172.67.159.162 13335 (CLOUDFLAR...)
2 157.240.252.13 32934 (FACEBOOK)
29 151.101.65.44 54113 (FASTLY)
2 142.250.185.131 15169 (GOOGLE)
2 54.225.37.209 14618 (AMAZON-AES)
2 216.239.34.36 15169 (GOOGLE)
1 178.250.1.17 44788 (ASN-CRITE...)
5 142.250.186.100 15169 (GOOGLE)
2 162.19.138.120 16276 (OVH)
1 142.250.184.206 15169 (GOOGLE)
1 44.241.21.199 16509 (AMAZON-02)
1 44.216.72.29 14618 (AMAZON-AES)
3 104.16.14.243 13335 (CLOUDFLAR...)
3 35.201.123.184 396982 (GOOGLE-CL...)
2 35.198.44.170 396982 (GOOGLE-CL...)
2 3.125.217.113 16509 (AMAZON-02)
4 162.19.96.35 16276 (OVH)
1 151.101.66.202 54113 (FASTLY)
1 178.250.1.6 44788 (ASN-CRITE...)
1 104.21.50.90 13335 (CLOUDFLAR...)
1 146.75.116.193 54113 (FASTLY)
1 142.250.181.238 15169 (GOOGLE)
1 185.64.189.226 62713 (AS-PUBMATIC)
1 157.240.0.35 32934 (FACEBOOK)
2 3 35.204.158.49 396982 (GOOGLE-CL...)
11 19 142.250.184.194 15169 (GOOGLE)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 35.227.252.103 15169 (GOOGLE)
19 29 69.173.144.165 26667 (RUBICONPR...)
1 1 51.89.9.254 16276 (OVH)
2 185.86.138.154 201081 (SMARTADSE...)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 104.18.41.170 13335 (CLOUDFLAR...)
2 178.250.1.15 44788 (ASN-CRITE...)
3 178.250.1.25 44788 (ASN-CRITE...)
2 108.177.15.155 15169 (GOOGLE)
1 34.95.229.88 396982 (GOOGLE-CL...)
1 63.33.100.143 16509 (AMAZON-02)
2 142.250.186.46 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
2 172.217.16.195 15169 (GOOGLE)
1 178.250.7.12 44788 (ASN-CRITE...)
6 34.107.254.252 396982 (GOOGLE-CL...)
1 104.17.119.17 13335 (CLOUDFLAR...)
18 142.250.74.206 15169 (GOOGLE)
18 141.226.124.48 200478 (TABOOLA-AS)
1 1 124.146.153.163 2514 (INFOSPHER...)
2 14 141.226.228.48 200478 (TABOOLA-AS)
2 2 52.59.9.110 16509 (AMAZON-02)
5 7 52.18.209.83 16509 (AMAZON-02)
1 1 35.208.249.213 15169 (GOOGLE)
1 100.24.133.143 14618 (AMAZON-AES)
11 198.47.127.205 62713 (AS-PUBMATIC)
11 52.223.40.198 16509 (AMAZON-02)
1 2 208.93.169.131 46244 (WEBMD-IDC...)
5 6 178.250.1.9 44788 (ASN-CRITE...)
3 6 52.28.245.130 16509 (AMAZON-02)
3 3 3.121.136.63 16509 (AMAZON-02)
3 3 3.126.32.212 16509 (AMAZON-02)
1 2 76.223.111.18 16509 (AMAZON-02)
3 98.98.134.243 21859 (ZEN-ECN)
6 34.102.185.99 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
2 172.64.160.4 13335 (CLOUDFLAR...)
14 104.79.89.214 16625 (AKAMAI-AS)
2 35.244.193.51 15169 (GOOGLE)
3 151.101.1.108 54113 (FASTLY)
6 10 69.173.144.139 26667 (RUBICONPR...)
1 1 69.173.151.100 26667 (RUBICONPR...)
4 198.47.127.19 3257 (GTT-BACKB...)
2 4 52.94.222.140 16509 (AMAZON-02)
2 4 52.46.128.147 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
6 7 52.51.16.139 16509 (AMAZON-02)
6 6 3.75.62.37 16509 (AMAZON-02)
1 2.16.2.120 20940 (AKAMAI-ASN1)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 54.157.140.221 14618 (AMAZON-AES)
1 3.66.9.9 16509 (AMAZON-02)
1 13.32.99.20 16509 (AMAZON-02)
1 104.18.41.104 13335 (CLOUDFLAR...)
1 2 216.52.2.16 30282 (AS-INAPCD...)
2 2 54.165.78.186 14618 (AMAZON-AES)
1 1 192.132.33.69 18568 (BIDTELLECT)
4 5 37.157.3.26 198622 (ADFORM)
5 5 46.228.164.11 56396 (AMOBEE)
10 11 46.228.174.117 56396 (AMOBEE)
2 35.244.174.68 15169 (GOOGLE)
1 64.202.112.255 22075 (AS-OUTBRAIN)
1 54.77.100.160 16509 (AMAZON-02)
1 52.49.194.113 16509 (AMAZON-02)
1 67.202.105.22 32748 (STEADFAST)
1 54.145.89.160 14618 (AMAZON-AES)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
1 142.250.185.74 15169 (GOOGLE)
2 2 91.228.74.206 16509 (AMAZON-02)
8 185.64.191.210 62713 (AS-PUBMATIC)
1 3 52.48.43.143 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.3.75.156 14618 (AMAZON-AES)
1 5 198.47.127.20 3257 (GTT-BACKB...)
1 173.231.16.77 18450 (WEBNX)
1 2 151.101.130.49 54113 (FASTLY)
1 1 185.86.139.94 201081 (SMARTADSE...)
1 1 82.145.213.8 39832 (NO-OPERA)
2 72.251.241.196 32475 (SINGLEHOP...)
1 2 35.186.193.173 15169 (GOOGLE)
2 2 213.155.156.164 1299 (TWELVE99 ...)
2 2 193.0.160.130 54312 (ROCKETFUEL)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.240.141 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 104.22.24.87 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 51.222.80.231 16276 (OVH)
6 6 64.158.223.137 41041 (VCLK-EU-SE)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 18.66.97.65 ()
2 104.18.38.76 ()
8 104.79.88.129 ()
1 162.55.120.196 ()
1 1 34.102.253.54 ()
3 23.212.88.20 ()
1 2.23.8.24 ()
1 1 50.31.142.31 ()
2 2 185.184.8.90 ()
4 4 34.192.97.180 ()
2 34.202.8.31 ()
1 23.55.161.173 ()
6 18.66.97.18 ()
1 1 185.64.190.79 ()
1 54.236.80.3 ()
666 175
2    201.7.177.244 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
oglobo.globo.com
36    186.192.90.3 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com
s3.glbimg.com
6    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f1.1e100.net
cdn.ampproject.org
3    104.18.214.59 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
5    34.151.224.123 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 123.224.151.34.bc.googleusercontent.com
static.infoglobo.com.br
8    186.192.91.5 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
barra.globo.com
p.glbimg.com
s.glbimg.com
12    186.192.91.9 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2-oglobo.glbimg.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn.petametrics.com
3    35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com
query.petametrics.com
23    104.18.176.126 (None, )

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    172.64.207.9 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
4    23.210.115.50 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-115-50.deploy.static.akamaitechnologies.com
cdn.cxense.com
2    104.17.194.118 (None, )

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
14    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
2    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
3    18.245.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    35.211.79.33 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
3    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    65.9.92.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-92-211.prg50.r.cloudfront.net
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
16    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
3    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com
3    167.235.124.61 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0039.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
3    34.253.64.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    2.23.8.228 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-8-228.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    52.217.204.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
12    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
u.openx.net
us-u.openx.net
7    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
3    52.71.139.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-139-182.compute-1.amazonaws.com
rp.liadm.com
2    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.32.121.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-46.fra60.r.cloudfront.net
client.aps.amazon-adsystem.com
1    35.167.11.164 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-11-164.us-west-2.compute.amazonaws.com
pixel.adsafeprotected.com
18    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    13.32.121.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-90.fra60.r.cloudfront.net
hb.undertone.com
3    213.19.162.44 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    216.52.2.39 (New York, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
13    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    167.99.21.53 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.resetsrv.com
5    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
3    34.110.201.227 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.201.110.34.bc.googleusercontent.com
id.globo.com
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
2    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    185.86.139.59 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
9    172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net
www.googletagmanager.com
11    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
pagead2.googlesyndication.com
8    23.36.232.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-232-182.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    172.67.36.110 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    186.192.81.117 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
21    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
2    35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com
cocoon.globo.com
2    35.198.52.213 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.52.198.35.bc.googleusercontent.com
globo-mab.globo.com
9    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
tpc.googlesyndication.com
2    63.215.202.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-convex-float1.dotomi.com
proc.ad.cpe.dotomi.com
3    172.67.23.234 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
14    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
3    104.22.29.151 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.targeting.voxus.com.br
targeting.voxus.com.br
1    142.250.186.187 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f27.1e100.net
gadasource.storage.googleapis.com
2    18.245.64.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-64-124.fra60.r.cloudfront.net
static.chartbeat.com
3    172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
29    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
match.taboola.com
pips.taboola.com
imprchmp.taboola.com
vidstatb.taboola.com
vidanalytics.taboola.com
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
2    54.225.37.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-37-209.compute-1.amazonaws.com
idx.liadm.com
2    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    178.250.1.17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net
www.google.com
2    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
ampcid.google.com
1    44.241.21.199 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-21-199.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
1    44.216.72.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-72-29.compute-1.amazonaws.com
ping.chartbeat.net
3    104.16.14.243 (None, )

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
3    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
2    35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com
usergate.globo.com
2    3.125.217.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-217-113.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
4    162.19.96.35 (France)

ASN16276 (OVH, FR)
PTR: haproxy03.cl13.ovh.mrf.io
events.newsroom.bi
1    151.101.66.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    104.21.50.90 (None, )

ASN13335 (CLOUDFLARENET, US)
flowcards.mrf.io
1    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
ampcid.google.de
1    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
3    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
19    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
29    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
2    185.86.138.154 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    104.18.41.170 (None, )

ASN13335 (CLOUDFLARENET, US)
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
2    178.250.1.15 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    178.250.1.25 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
stats.g.doubleclick.net
1    34.95.229.88 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com
globo-ab.globo.com
1    63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.youtube.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
2    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
www.google.de
1    178.250.7.12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
6    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    104.17.119.17 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
18    142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
fundingchoicesmessages.google.com
18    141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)
ch-trc-events.taboola.com
ch-match.taboola.com
ch-vid-events.taboola.com
1    124.146.153.163 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
14    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
2    52.59.9.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-9-110.eu-central-1.compute.amazonaws.com
ih.adscale.de
7    52.18.209.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-209-83.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
1    100.24.133.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-133-143.compute-1.amazonaws.com
jadserve.postrelease.com
11    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
6    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
6    52.28.245.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-245-130.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    3.121.136.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-136-63.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
3    3.126.32.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-32-212.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
tt-12842-2.seg.t.tailtarget.com
b.t.tailtarget.com
dmp.t.tailtarget.com
t.tailtarget.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    172.64.160.4 (United States)

ASN13335 (CLOUDFLARENET, US)
targeting.voxus.tv
14    104.79.89.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-89-214.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
3    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    52.51.16.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-16-139.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
1    2.16.2.120 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-2-120.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    54.157.140.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-140-221.compute-1.amazonaws.com
sync.ipredictive.com
1    3.66.9.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-9-9.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    13.32.99.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-20.fra60.r.cloudfront.net
live.primis.tech
1    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    216.52.2.16 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
2    54.165.78.186 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-78-186.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 69.bidtellect.com
bttrack.com
5    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
11    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    54.77.100.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-100-160.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
1    52.49.194.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-194-113.eu-west-1.compute.amazonaws.com
cs.minutemedia-prebid.com
1    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    54.145.89.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-89-160.compute-1.amazonaws.com
api.voxus.tv
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
taboola-d.openx.net
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
imasdk.googleapis.com
2    91.228.74.206 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
8    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    52.48.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
id.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.3.75.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-75-156.compute-1.amazonaws.com
a.audrte.com
5    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
1    173.231.16.77 (United States)

ASN18450 (WEBNX, US)
PTR: api.ipify.org
api.ipify.org
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
cm.ctnsnet.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.240.141 (France)

ASN16276 (OVH, FR)
PTR: bixel-12.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
6    64.158.223.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float1.dotomi.com
pubmatic-match.dotomi.com
medianet-match.dotomi.com
casale-match.dotomi.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    18.66.97.65 (None, )

ASN- ()
cdn.undertone.com
2    104.18.38.76 (None, )

ASN- ()
js-sec.indexww.com
cdn.indexww.com
8    104.79.88.129 (None, )

ASN- ()
contextual.media.net
1    162.55.120.196 (None, )

ASN- ()
matching.truffle.bid
1    34.102.253.54 (None, )

ASN- ()
ads.playground.xyz
3    23.212.88.20 (None, )

ASN- ()
hbx.media.net
c21lg-d.media.net
1    2.23.8.24 (None, )

ASN- ()
cs.media.net
1    50.31.142.31 (None, )

ASN- ()
b1sync.zemanta.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
4    34.192.97.180 (None, )

ASN- ()
i.liadm.com
2    34.202.8.31 (None, )

ASN- ()
i6.liadm.com
1    23.55.161.173 (None, )

ASN- ()
ads.stickyadstv.com
6    18.66.97.18 (None, )

ASN- ()
usr.undertone.com
1    185.64.190.79 (None, )

ASN- ()
image8.pubmatic.com
1    54.236.80.3 (None, )

ASN- ()
logs-01.loggly.com
Apex Domain
Subdomains		 Transfer
62 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
pm-widget.taboola.com — Cisco Umbrella Rank: 3595
trc.taboola.com — Cisco Umbrella Rank: 705
ch-trc-events.taboola.com — Cisco Umbrella Rank: 3996
vidstat.taboola.com — Cisco Umbrella Rank: 3029
sync.taboola.com — Cisco Umbrella Rank: 1322
sync-t1.taboola.com — Cisco Umbrella Rank: 1630
match.taboola.com — Cisco Umbrella Rank: 5178
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
imprchmp.taboola.com — Cisco Umbrella Rank: 5193
ch-match.taboola.com — Cisco Umbrella Rank: 5323
ch-vid-events.taboola.com — Cisco Umbrella Rank: 4931
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
vidanalytics.taboola.com — Cisco Umbrella Rank: 10191
736 KB
61 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2300
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3172
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
secure-assets.rubiconproject.com
241 KB
55 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 63518
s2-oglobo.glbimg.com — Cisco Umbrella Rank: 198283
p.glbimg.com — Cisco Umbrella Rank: 97128
s.glbimg.com — Cisco Umbrella Rank: 70485
2 MB
36 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
t.pubmatic.com — Cisco Umbrella Rank: 2736
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
image8.pubmatic.com
217 KB
35 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
370 KB
24 google.com
www.google.com — Cisco Umbrella Rank: 2
ampcid.google.com — Cisco Umbrella Rank: 2931
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
68 KB
23 googlesyndication.com
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
103 KB
23 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 8527
cdn.tinypass.com — Cisco Umbrella Rank: 6082
buy.tinypass.com — Cisco Umbrella Rank: 6577
337 KB
22 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
bidder.criteo.com — Cisco Umbrella Rank: 757
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
dis.criteo.com — Cisco Umbrella Rank: 597
66 KB
21 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
191 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
64 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
348 KB
18 amazon-adsystem.com
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 12060
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
142 KB
18 globo.com
oglobo.globo.com — Cisco Umbrella Rank: 203347
barra.globo.com — Cisco Umbrella Rank: 105970
horizon.globo.com — Cisco Umbrella Rank: 59399
id.globo.com — Cisco Umbrella Rank: 165685
horizon-schemas.globo.com — Cisco Umbrella Rank: 57106
cocoon.globo.com — Cisco Umbrella Rank: 84468
globo-mab.globo.com — Cisco Umbrella Rank: 71099
horizon-track.globo.com — Cisco Umbrella Rank: 46494
usergate.globo.com — Cisco Umbrella Rank: 77822
globo-ab.globo.com — Cisco Umbrella Rank: 67889
166 KB
16 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
22 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
6 KB
13 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net
hbx.media.net
c21lg-d.media.net
cs.media.net
35 KB
12 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
6 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
2 KB
11 liadm.com
rp.liadm.com — Cisco Umbrella Rank: 1574
idx.liadm.com — Cisco Umbrella Rank: 2376
i.liadm.com
i6.liadm.com
5 KB
10 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 659
taboola-d.openx.net — Cisco Umbrella Rank: 8098
us-u.openx.net
3 KB
10 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
95 KB
9 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 63384
d.tailtarget.com — Cisco Umbrella Rank: 71637
tt-12842-2.seg.t.tailtarget.com — Cisco Umbrella Rank: 108379
b.t.tailtarget.com — Cisco Umbrella Rank: 57903
dmp.t.tailtarget.com — Cisco Umbrella Rank: 212219
t.tailtarget.com — Cisco Umbrella Rank: 7625
28 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
344 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
id.crwdcntrl.net
37 KB
8 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2650
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
medianet-match.dotomi.com
casale-match.dotomi.com
3 KB
8 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
211 KB
8 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3825
cdn.undertone.com
usr.undertone.com
6 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2165
cdn.permutive.com — Cisco Umbrella Rank: 2904
106 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 4992
p1cluster.cxense.com — Cisco Umbrella Rank: 9632
comcluster.cxense.com — Cisco Umbrella Rank: 4678
id.cxense.com — Cisco Umbrella Rank: 10459
81 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
6 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
120 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
dmp.adform.net — Cisco Umbrella Rank: 3509
3 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 82300
imasdk.googleapis.com — Cisco Umbrella Rank: 447
152 KB
5 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 208521
72 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
4 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 7374
3 KB
4 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 9321
flowcards.mrf.io — Cisco Umbrella Rank: 21213
49 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1611
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
1 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 882
2 KB
4 petametrics.com
cdn.petametrics.com — Cisco Umbrella Rank: 13674
query.petametrics.com — Cisco Umbrella Rank: 14383
55 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
3 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1497
ssc-cms.33across.com — Cisco Umbrella Rank: 923
424 B
3 voxus.tv
targeting.voxus.tv — Cisco Umbrella Rank: 170755
api.voxus.tv — Cisco Umbrella Rank: 160875
21 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
561 B
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
2 KB
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4780
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
2 KB
3 google.de
ampcid.google.de — Cisco Umbrella Rank: 86280
www.google.de — Cisco Umbrella Rank: 6862
883 B
3 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 28178
usr.navdmp.com — Cisco Umbrella Rank: 33544
cdn.navdmp.com — Cisco Umbrella Rank: 7255
6 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
mab.chartbeat.com — Cisco Umbrella Rank: 2550
25 KB
3 voxus.com.br
cdn.targeting.voxus.com.br — Cisco Umbrella Rank: 210255
targeting.voxus.com.br — Cisco Umbrella Rank: 144084
12 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
177 KB
3 amazonaws.com
s3.amazonaws.com
458 KB
3 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139
creativecdn.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
945 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4223
onesignal.com — Cisco Umbrella Rank: 1433
73 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
cm.ctnsnet.com
755 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
565 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
794 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
497 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1005 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
2 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 728
140 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
740 B
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3211
633 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
68 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
551 B
2 gstatic.com
fonts.gstatic.com
53 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
89 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
19 KB
2 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1735
450 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
427 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
3 KB
2 piano.io
c2.piano.io — Cisco Umbrella Rank: 5472
6 KB
1 loggly.com
logs-01.loggly.com
293 B
1 advertising.com
pixel.advertising.com
272 B
1 stickyadstv.com
ads.stickyadstv.com
698 B
1 zemanta.com
b1sync.zemanta.com
301 B
1 playground.xyz
ads.playground.xyz
465 B
1 truffle.bid
matching.truffle.bid
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
276 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
552 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 3028
238 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 1901
326 B
1 yellowblue.io
cs.yellowblue.io — Cisco Umbrella Rank: 1590
326 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 807
145 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 826
349 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
501 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
35 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
516 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
536 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
533 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 904
369 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
723 B
1 prmutv.co
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 134174
394 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 758
338 B
1 permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 81898
344 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1562
710 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
336 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7022
271 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 114788
461 B
1 resetsrv.com
ads.resetsrv.com — Cisco Umbrella Rank: 13291
382 B
1 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 736
744 B
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4524
643 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 7597
3 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 zqtk.net Failed
aps.zqtk.net Failed
666 132
Domain Requested by
36 s3.glbimg.com oglobo.globo.com
s3.glbimg.com
p.glbimg.com
s.glbimg.com
barra.globo.com
buy.tinypass.com
www.googletagmanager.com
29 pixel.rubiconproject.com 19 redirects eus.rubiconproject.com
21 cdnjs.cloudflare.com buy.tinypass.com
ads.eu.criteo.com
21 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
s3.glbimg.com
19 cm.g.doubleclick.net 11 redirects c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
eus.rubiconproject.com
18 fundingchoicesmessages.google.com oglobo.globo.com
s3.glbimg.com
16 cdn.taboola.com oglobo.globo.com
cdn.taboola.com
client
16 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
ads.rubiconproject.com
s3.glbimg.com
14 eus.rubiconproject.com ch-match.taboola.com
imprchmp.taboola.com
eus.rubiconproject.com
s3.amazonaws.com
ads.rubiconproject.com
ads.pubmatic.com
cdn.undertone.com
14 ch-trc-events.taboola.com cdn.taboola.com
14 www.google-analytics.com www.googletagmanager.com
s3.glbimg.com
oglobo.globo.com
14 ib.adnxs.com 3 redirects ads.pubmatic.com
ads.rubiconproject.com
s3.amazonaws.com
s3.glbimg.com
acdn.adnxs.com
eus.rubiconproject.com
14 securepubads.g.doubleclick.net s3.glbimg.com
securepubads.g.doubleclick.net
oglobo.globo.com
www.googletagservices.com
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
12 sync.taboola.com 2 redirects ch-match.taboola.com
imprchmp.taboola.com
eus.rubiconproject.com
12 gum.criteo.com static.criteo.net
gum.criteo.com
cdn.taboola.com
s3.amazonaws.com
ads.rubiconproject.com
ads.pubmatic.com
contextual.media.net
12 s2-oglobo.glbimg.com oglobo.globo.com
s3.glbimg.com
11 match.adsrvr.org ch-match.taboola.com
imprchmp.taboola.com
eus.rubiconproject.com
ads.pubmatic.com
contextual.media.net
ssum-sec.casalemedia.com
cdn.undertone.com
11 simage2.pubmatic.com ads.pubmatic.com
11 pagead2.googlesyndication.com securepubads.g.doubleclick.net
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
oglobo.globo.com
tpc.googlesyndication.com
www.googletagservices.com
s3.glbimg.com
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
tpc.googlesyndication.com
oglobo.globo.com
9 www.googletagmanager.com s3.glbimg.com
www.googletagmanager.com
8 contextual.media.net ads.pubmatic.com
contextual.media.net
8 image2.pubmatic.com ads.pubmatic.com
8 secure.cdn.fastclick.net oglobo.globo.com
secure.cdn.fastclick.net
7 sync.1rx.io 7 redirects
7 match.prod.bidr.io 6 redirects ssum-sec.casalemedia.com
7 pr-bh.ybp.yahoo.com 5 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
7 id5-sync.com cdn.id5-sync.com
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
s3.amazonaws.com
ads.pubmatic.com
6 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 x.bidswitch.net 3 redirects ads.pubmatic.com
contextual.media.net
6 dis.criteo.com 5 redirects contextual.media.net
6 api.permutive.com s3.glbimg.com
6 s.glbimg.com oglobo.globo.com
s.glbimg.com
6 cdn.ampproject.org oglobo.globo.com
s3.glbimg.com
5 ad.turn.com 5 redirects
5 ups.analytics.yahoo.com 5 redirects
5 www.google.com c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
tpc.googlesyndication.com
oglobo.globo.com
5 c.amazon-adsystem.com client.aps.amazon-adsystem.com
s3.amazonaws.com
c.amazon-adsystem.com
5 static.infoglobo.com.br oglobo.globo.com
static.infoglobo.com.br
s3.glbimg.com
4 i.liadm.com 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
cdn.undertone.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 taboola-d.openx.net 2 redirects
4 sync.targeting.unrulymedia.com 3 redirects
4 secure.adnxs.com 2 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ssum-sec.casalemedia.com
4 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 events.newsroom.bi s3.glbimg.com
sdk.mrf.io
4 ads.pubmatic.com securepubads.g.doubleclick.net
s3.amazonaws.com
ads.pubmatic.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
3 simage4.pubmatic.com ads.pubmatic.com
3 acdn.adnxs.com s3.amazonaws.com
ads.rubiconproject.com
ads.pubmatic.com
3 pixel-sync.sitescout.com ads.pubmatic.com
cdn.undertone.com
3 rtb.mfadsrvr.com 3 redirects
3 ads.creative-serving.com 3 redirects
3 csm.eu.criteo.net ads.eu.criteo.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 horizon-track.globo.com s3.glbimg.com
3 sdk.mrf.io oglobo.globo.com
sdk.mrf.io
3 fonts.googleapis.com buy.tinypass.com
cdn.taboola.com
3 id.globo.com 1 redirects s3.glbimg.com
id.globo.com
3 fastlane.rubiconproject.com ads.pubmatic.com
ads.rubiconproject.com
s3.amazonaws.com
3 rp.liadm.com 1 redirects oglobo.globo.com
s3.amazonaws.com
3 www.googletagservices.com securepubads.g.doubleclick.net
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
3 s3.amazonaws.com securepubads.g.doubleclick.net
3 bcp.crwdcntrl.net tags.crwdcntrl.net
3 tags.crwdcntrl.net securepubads.g.doubleclick.net
oglobo.globo.com
3 cdn.id5-sync.com securepubads.g.doubleclick.net
oglobo.globo.com
3 sb.scorecardresearch.com 1 redirects oglobo.globo.com
3 query.petametrics.com oglobo.globo.com
2 casale-match.dotomi.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 i6.liadm.com ssum-sec.casalemedia.com
2 creativecdn.com 2 redirects
2 medianet-match.dotomi.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 pixel-eu.onaudience.com 2 redirects
2 p.rfihub.com 2 redirects
2 d5p.de17a.com 2 redirects
2 cm.adgrx.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 image4.pubmatic.com 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 id.rlcdn.com contextual.media.net
2 sync.srv.stackadapt.com 2 redirects
2 ce.lijit.com 1 redirects
2 pixel.tapad.com 1 redirects eus.rubiconproject.com
2 lexicon.33across.com s3.amazonaws.com
ads.pubmatic.com
2 targeting.voxus.tv targeting.voxus.com.br
targeting.voxus.tv
2 ch-vid-events.taboola.com vidstat.taboola.com
2 ch-match.taboola.com vidstat.taboola.com
2 b.t.tailtarget.com d.tailtarget.com
2 tt-12842-2.seg.t.tailtarget.com d.tailtarget.com
2 eb2.3lift.com 1 redirects
2 sync-t1.taboola.com
2 bh.contextweb.com 1 redirects
2 ih.adscale.de 2 redirects
2 d.tailtarget.com oglobo.globo.com
d.tailtarget.com
2 www.google.de oglobo.globo.com
2 trc.taboola.com s3.glbimg.com
2 www.youtube.com sdk.mrf.io
www.youtube.com
2 targeting.voxus.com.br s3.glbimg.com
cdn.targeting.voxus.com.br
2 stats.g.doubleclick.net s3.glbimg.com
2 imageproxy.eu.criteo.net ads.eu.criteo.com
2 ssbsync.smartadserver.com c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
2 dsp.adfarm1.adition.com 2 redirects
2 prebid-a.rubiconproject.com ads.rubiconproject.com
2 usergate.globo.com s3.glbimg.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
s3.amazonaws.com
2 region1.google-analytics.com www.googletagmanager.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 idx.liadm.com ads.pubmatic.com
s3.amazonaws.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net oglobo.globo.com
connect.facebook.net
2 static.chartbeat.com oglobo.globo.com
2 id.hadron.ad.gt cdn.hadronid.net
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 globo-mab.globo.com s3.glbimg.com
2 cocoon.globo.com s3.glbimg.com
2 cdn.hadronid.net oglobo.globo.com
2 s.seedtag.com ads.rubiconproject.com
2 aax.amazon-adsystem.com client.aps.amazon-adsystem.com
c.amazon-adsystem.com
2 ap.lijit.com ads.pubmatic.com
s3.amazonaws.com
2 hbopenbid.pubmatic.com ads.pubmatic.com
s3.amazonaws.com
2 prebid.a-mo.net ads.pubmatic.com
eus.rubiconproject.com
2 config.aps.amazon-adsystem.com s3.amazonaws.com
c.amazon-adsystem.com
2 oajs.openx.net 1 redirects oglobo.globo.com
2 c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 cdn.jsdelivr.net ads.rubiconproject.com
securepubads.g.doubleclick.net
2 c2.piano.io cdn.tinypass.com
2 cdn.onesignal.com oglobo.globo.com
cdn.onesignal.com
2 oglobo.globo.com s3.glbimg.com
1 logs-01.loggly.com s3.glbimg.com
1 image8.pubmatic.com 1 redirects
1 pixel.advertising.com 1 redirects
1 us-u.openx.net cdn.undertone.com
1 secure-assets.rubiconproject.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 cs.media.net contextual.media.net
1 hbx.media.net contextual.media.net
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 cdn.undertone.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 api.ipify.org s3.glbimg.com
1 t.tailtarget.com
1 dmp.t.tailtarget.com
1 dmp.adform.net 1 redirects
1 imasdk.googleapis.com s3.glbimg.com
1 vidanalytics.taboola.com cdn.taboola.com
1 api.voxus.tv s3.glbimg.com
1 ssc-cms.33across.com
1 cs.minutemedia-prebid.com
1 cs.yellowblue.io
1 sync.outbrain.com
1 bttrack.com 1 redirects
1 capi.connatix.com
1 live.primis.tech eus.rubiconproject.com
1 match.sharethrough.com eus.rubiconproject.com
1 sync.ipredictive.com 1 redirects
1 hb.yahoo.net eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 vidstatb.taboola.com
1 imprchmp.taboola.com vidstat.taboola.com
1 cds.taboola.com s3.glbimg.com
1 pips.taboola.com s3.glbimg.com
1 u.openx.net 1 redirects
1 match.taboola.com
1 jadserve.postrelease.com
1 trace.mediago.io 1 redirects
1 tg.socdm.com 1 redirects
1 cdn.permutive.com s3.glbimg.com
1 rtb.fr3.eu.criteo.com c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co s3.glbimg.com
1 beacon.krxd.net tag.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 globo-ab.globo.com p.glbimg.com
1 usr.navdmp.com tag.navdmp.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app s3.glbimg.com
1 sync.inmobi.com 1 redirects
1 onetag-sys.com 1 redirects
1 rtb.openx.net c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
1 www.facebook.com oglobo.globo.com
1 t.pubmatic.com ads.pubmatic.com
1 ampcid.google.de s3.glbimg.com
1 i.imgur.com oglobo.globo.com
1 flowcards.mrf.io s3.glbimg.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 mab.chartbeat.com s3.glbimg.com
1 tags.t.tailtarget.com s3.glbimg.com
1 tag.navdmp.com s3.glbimg.com
1 ping.chartbeat.net oglobo.globo.com
1 ivccf.ivcbrasil.org.br oglobo.globo.com
1 ampcid.google.com s3.glbimg.com
1 a.ad.gt cdn.hadronid.net
1 ads.eu.criteo.com c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
1 gadasource.storage.googleapis.com oglobo.globo.com
1 cdn.targeting.voxus.com.br www.googletagmanager.com
1 horizon-schemas.globo.com s3.glbimg.com
1 05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 prg.smartadserver.com ads.rubiconproject.com
1 bidder.criteo.com ads.rubiconproject.com
1 ads.resetsrv.com ads.pubmatic.com
1 htlb.casalemedia.com ads.pubmatic.com
1 prebid.media.net ads.pubmatic.com
1 hb.undertone.com ads.pubmatic.com
1 pixel.adsafeprotected.com ads.pubmatic.com
1 client.aps.amazon-adsystem.com s3.amazonaws.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 p1cluster.cxense.com cdn.cxense.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 horizon.globo.com oglobo.globo.com
1 ads.rubiconproject.com s3.glbimg.com
1 cdn.tinypass.com experience.tinypass.com
1 www.npttech.com static.infoglobo.com.br
1 experience.tinypass.com static.infoglobo.com.br
1 cdn.petametrics.com oglobo.globo.com
1 onesignal.com cdn.onesignal.com
1 p.glbimg.com oglobo.globo.com
1 barra.globo.com oglobo.globo.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 api.rlcdn.com Failed s3.amazonaws.com
0 aps.zqtk.net Failed oglobo.globo.com
666 254
Subject Issuer Validity Valid
oglobo.globo.com
R3		 2023-09-28 -
2023-12-27		 3 months crt.sh
s3.glbimg.com
RapidSSL TLS RSA CA G1		 2023-05-02 -
2024-05-02		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
static.infoglobo.com.br
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-01-30 -
2024-01-29		 a year crt.sh
barra.globo.com
RapidSSL TLS RSA CA G1		 2023-05-15 -
2024-05-15		 a year crt.sh
*.glbimg.com
RapidSSL TLS RSA CA G1		 2023-05-11 -
2024-05-10		 a year crt.sh
cdn.liftigniter.com
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.liftigniter.com
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
npttech.com
GTS CA 1P5		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
horizon.globo.com
RapidSSL TLS RSA CA G1		 2023-09-25 -
2024-09-25		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-09-10 -
2023-12-09		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-19 -
2024-02-17		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.a-mo.net
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
resetsrv.com
E1		 2023-10-13 -
2024-01-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
id.globo.com
RapidSSL TLS RSA CA G1		 2023-03-14 -
2024-03-14		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
horizon-schemas.globo.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-03-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
cocoon.globo.com
RapidSSL TLS RSA CA G1		 2023-09-07 -
2024-09-07		 a year crt.sh
globo-mab.globo.com
R3		 2023-10-06 -
2024-01-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
voxus.com.br
Cloudflare Inc ECC CA-3		 2023-04-08 -
2024-04-07		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-05 -
2023-11-03		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
horizon-track.globo.com
RapidSSL TLS RSA CA G1		 2023-09-26 -
2024-09-26		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.ivcbrasil.org.br
Amazon RSA 2048 M02		 2023-05-01 -
2024-05-29		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
usergate.globo.com
RapidSSL TLS RSA CA G1		 2023-04-24 -
2024-04-23		 a year crt.sh
ssl03.cert.cl13.k8s.mrf.io
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-09-07 -
2023-12-06		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
globo-ab.globo.com
R3		 2023-10-08 -
2024-01-06		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
api.permutive.com
R3		 2023-10-15 -
2024-01-13		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
voxus.tv
GTS CA 1P5		 2023-09-01 -
2023-11-30		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
api.voxus.tv
Amazon RSA 2048 M01		 2023-03-19 -
2024-04-17		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
logs-01.loggly.com
Starfield Secure Certificate Authority - G2		 2023-03-25 -
2024-04-10		 a year crt.sh

This page contains 72 frames:

Primary Page: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Frame ID: A211FE02CEE2D8DD0EDAFE02E62A8BE2
Requests: 287 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 0F4532D97D93CED5AADE30C243FBCA66
Requests: 4 HTTP requests in this frame

Frame: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C4823F7B5697C23F8AE52E622FC88DEB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHBZZIkDWATEOSyiM-xuRqH0HqV_BdjpdQGjYgTOowlBjiobExnMeohMhjoUilW0fpgjjkgpTG8IkKItMWD_CVZQ8LGC8HBgsEkgZR-xkHcytPCxGhvmVwUJk2vlOUzO3JCo_zvUuS6bYeZ2fR85UxKb0LJO1CoU_MUvStknntWg2y6OdXZ1kSzxQZ2velql3WtI29zusl_ogp5PrGG0FANa9SydDI-DOAHc0A9ftAZkJHSLAmzacYrJqVJAEprN42wC7mzxh7375gn6Bftnm5n_M3Ra0HQ8xsJ2lxtpeqiFMYWxAfxr9HmQvh5576GWEWsSA8PzlS2hvora69wvRhnEebDFO7_zBkPl_fjIyu5L1sD66CX2oCzh5GhweP&sai=AMfl-YTpZW_iGvQPPNiKKYmt-95S5nVXZDkduZF7aVKu5qyp9--RyP_s5YBMQgKfbrISNCqSjzkzYe0AOEVlGeS5ae4m5Dog9Nu3mDzdwYo8mMoMN5Sj9Udq_XU9sjyvuneHekFlv8ZcRR033lHZxgg&sig=Cg0ArKJSzO8Rh5aTPZD0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DF8662BA55235582F3AC78D0E0961013
Requests: 49 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=oglobo.globo.com
Frame ID: 2B30991D79E4C0FF904362DBD9F48B5A
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8C4DD0CB2D236E7BDADDC1908C1AA68E
Requests: 1 HTTP requests in this frame

Frame: https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 7672751BA3B232D746094352C8C0A315
Requests: 2 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Frame ID: E9E6FFD5EEFE45C93ECBF7AC79DD2322
Requests: 22 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Frame ID: 095D091A539EB039B4B936C89C5231DF
Requests: 22 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Frame ID: D1E81EFB60D7F2DDC33E802A6E6C6F37
Requests: 1 HTTP requests in this frame

Frame: https://05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2A774BDC2BE2D39CD1BD235F86CE3AC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuakiEjzQRfzixBbUJ3bFY6fKtpnMgi7uODFb999NesLESbeDHxmb6cZ8YnAFN4kgn3tpz_Lx6lB-ANME4kvVcPmPeW5mdes_WKWTBdTE-uk71C1tDtSLZl2iacG63Pb7HbiEFNbAa5PchqoCkWHDBua_LdMSb94UgzvK71slBixeSMl1DzngjycZF5PzKaAbMjmhc1sOA77kZzvOfCYPEUoy8iIXEt83wHqigMsviF4N-Eg0YVOiPBagDFgH-WsFNk4wiII6Ul6lq3Ai22BKvObV7YCr-0VNQ8V0fZ_M4KkJexDKPgrUhvV6YKl0jFfhuXoCAwAmJSuyFCkdZMrcQKrqRI59MG-yQvQGOw1bGG82FFsQRTQoboC-c_4NtP4ZEyg&sai=AMfl-YRg_fWEGcQGgm8d1Y4c03tZaO6Lk3NmtwPj-HMdU8gmkm5kBnyijXPyqJPzxalFj05pTHUy6-Ih_s6bR8lUKDndFib-hNxdBBWur_dN34InJ39dPJhNMh0vM9kGaQ&sig=Cg0ArKJSzNwtC26h9jGHEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 395103DC7C0A9F4053CA389744209374
Requests: 33 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Frame ID: BB1777954A8B587185472B01EF612117
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Frame ID: B95E00164FAD3C4FAA31CFA87C0D7A2A
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Frame ID: BB6519B7DBB9EC8A7FD3A85065AACB12
Requests: 1 HTTP requests in this frame

Frame: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64056DD7D9D01F56D7B0A13D8999923E
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Frame ID: 4093293DA8C6B1FDC12E076A2A7B96F0
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5BA0D445B872C836BEB5B6D038C1AE89
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C45C42B5B4D5291A55766F3F33D150E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FBAE1F41707AB28DFD559CDB8D4CB4C5
Requests: 2 HTTP requests in this frame

Frame: https://i.imgur.com/OQER25S.png
Frame ID: E8CC944297C6DE865EA8E02395D9D056
Requests: 1 HTTP requests in this frame

Frame: https://oglobo.globo.com/login-callback.ghtml
Frame ID: E9B71ADD04188171EDE4BB4BA9B2F05C
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZTrv38Co8XsAAAS.nrkAAAAA
Frame ID: 65022DD13BA48C9B7B6C61ABED44D341
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8AC7D4B240A41153E603555DA1BBB700
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9D3FD43CE5C2E83B15CC7164F20D47C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=oglobo.globo.com
Frame ID: 27E8418520D49140130CA16D527BEE64
Requests: 2 HTTP requests in this frame

Frame: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&cmcv=&pix=undefined&cb=1698361311508&uv=142387208&tms=1698361311508&abt=AdUnit2ESM_vB!adxLoadDist7-out_vA!adxsub-out_vA!adxsub-out_vB!esv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=c80677fa-a08e-4fbf-aaab-bb1f0fe4cdc6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9CD7B6A540395887E0C9F5E8ADF68A40
Requests: 3 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B8DECBF2B8DA00305580D1CC2C61FFCF
Requests: 3 HTTP requests in this frame

Frame: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Frame ID: BD31C70A8EF44205B569FB60B8459021
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: CD6D9AF75C520D3CDE23370E803E3E4C
Requests: 20 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 8E13542353E0E7C94A40ACCCC8712BE6
Requests: 19 HTTP requests in this frame

Frame: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7123DD9DC4C528CF1A7C5F0C9952A021
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: 3D9B4949E9EF9AB740CC11854A704F99
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B3432A60E5ADAF5A9C07B489B9B78AF8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BEBDE0664147A4DD66190E2BEF25CCD6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: A8293D98E8686979D8BB07713C91B711
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: ECF5417DD694C858C7524A5CE825D5D0
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 48D481E4FFEB10DB63C0EABC6444DD2C
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 95016C6788F88CF26A3A987E5EB0FA8B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=68405C29-7985-4838-B54E-3168FA288486&redir=true&gdpr=0&gdpr_consent=
Frame ID: CB38C23B97500E4894850E77F5C43D6B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar
Frame ID: AB237C7AEDA8495933351D545B92A81E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270783453165889608&gdpr=0&gdpr_consent=
Frame ID: 65584C14187ACA3EAE903EAF62A84705
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294406278956382351&gdpr=0&gdpr_consent=
Frame ID: 498F20C1BD7C76080289374EAD57ABF8
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=pubmatic&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Frame ID: 81A500D02D7462A8CD868B27870B9530
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PfTkobOpUsdAKgpG7b0UT7Bz7eA&gdpr=0&gdpr_consent=
Frame ID: BB4970BA2CB2299E59BFC72F414CB54A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
Frame ID: AAA73E6DDA5B264EC0FC50B6EF55968A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTrv5AAawKyvHwA_
Frame ID: 6CE57E3BF573ABFC2E273FA089AD9CE5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXck7KdeAAABlVXBZoxQ&gdpr=0&gdpr_consent=
Frame ID: D00F1CB6019F1FD84CB9CEB0E959FB20
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: A41D204DA9952CCD3BA6E344A8E4EA3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa36e177cac3a483893a1adb5f5360365
Frame ID: B8F329C0639C9E100844041820B28C86
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6CC57CD1E72F32EB85304609F2EC6FF3
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 2C47DDA3E98308E0164B1E2604668966
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4207548800602511053
Frame ID: 8164AF61BACCE84430D9C801CD4437D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527108280432
Frame ID: 763C479F63CA8A1D99765E394511B9B0
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 1A9B1C4D71B2CA3A2F524ADEBC285EF6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznabQUUMTnnSSYjXU&gdpr=0&gdpr_consent=
Frame ID: 7C66AD9FA7D595A07842F0DDF6AAC726
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 55E44408BC45A430ACF05B3BB53CA43F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C8310BA285AC28F35061A70914951424
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: E502833BC4D78AEF3DA1F4A95E176154
Requests: 5 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: F38372A23C65B1C3A1192118CFEA8D7B
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DFD14BBAE7E865F2B8E8ECE4FD13E0BC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7B0607E0C279831DDA7F248F896ED50D
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BEB03B762DFFDC072BD44EB087798A91
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 88ADAD3882ADA32F9C365C7098AE1BE4
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 84CDC36D94ADE495FC1E0DFA3E8EC254
Requests: 10 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 2E91565194AA2FE4A2EEB1B7DF3BBCDE
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 2251879965AB12038635BA351E60038F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:724B2D43DB354FDEB412D05B410B47C9&gdpr=0&gdpr_consent=
Frame ID: 1F74FD4BC9D1B33CEFCF4611455C02A0
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Frame ID: 1D7AAEC3FCD74179425F3D75BD3ABFBD
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3413629198755270000V10&type=rkt&refUrl=&vid=83613193453413629198755270000V10&ovsid=5144588527108280432
Frame ID: 256FF6E6AED16DA363A3D3B09DE9D102
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 1664FC5A1F6CD3916FE4E03F4BFF3C33
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: C5E4E5514B0BBAA33D66433CE8B1CDB5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cidade da Polícia Civil foi o palco da negociata para o tráfico de 16 toneladas de maconha, diz PF

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

666
Requests

85 %
HTTPS

0 %
IPv6

132
Domains

254
Subdomains

175
IPs

15
Countries

8138 kB
Transfer

24375 kB
Size

205
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 80
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&rid=esp&cc=1
Request Chain 94
  • https://rp.liadm.com/j?dtstmp=1698361306020&se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&wpn=prebid HTTP 302
  • https://rp.liadm.com/j?se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&dtstmp=1698361306020&n3pc=true&wpn=prebid&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Request Chain 297
  • https://um.simpli.fi/gp_match?google_gid=CAESEC5Wi7Wgy2MJZKQwST7dBLU&google_cver=1&google_push=AXcoOmTZ6wRryhwDKNSpZdmED9aKGDpJLDEsB_kjavCC3JjaZakHXpNfn3jWWDL-BnE9M0O8W6VJ2gOlfBcCnOS6CMRCeyNrQFEd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724B2D43DB354FDEB412D05B410B47C9&google_push=AXcoOmTZ6wRryhwDKNSpZdmED9aKGDpJLDEsB_kjavCC3JjaZakHXpNfn3jWWDL-BnE9M0O8W6VJ2gOlfBcCnOS6CMRCeyNrQFEd
Request Chain 298
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELUHu54W9GJvuyygcSSdty8&google_cver=1&google_push=AXcoOmTTtfe3gVAwNsAEHBYalasrYbzRxEiueXJ68_CKxCGcSN05ZOK0K-K0ci4SKmFTVYXUHZfdqhp2mg4RFmGo44iZo2KQmMZE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDQwNjI3ODk1NjM4MjM1MQ%3D%3D&google_push=AXcoOmTTtfe3gVAwNsAEHBYalasrYbzRxEiueXJ68_CKxCGcSN05ZOK0K-K0ci4SKmFTVYXUHZfdqhp2mg4RFmGo44iZo2KQmMZE
Request Chain 300
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF94GQyPIMBoiOx41ZlFOew&google_cver=1&google_push=AXcoOmQwdBLBUTM7BslQ8YqmXkkRDDCRGIN4kKuUCiqTGxeb2VjOaRVVJn_ur0EZMMHTz0OzZ_PC_gIObrEatoqmUj3gEHM19jo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=AXcoOmQwdBLBUTM7BslQ8YqmXkkRDDCRGIN4kKuUCiqTGxeb2VjOaRVVJn_ur0EZMMHTz0OzZ_PC_gIObrEatoqmUj3gEHM19jo
Request Chain 301
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPWDrMDQrWzlumjMjffBHNE&google_cver=1&google_push=AXcoOmS3NyBfSur5A9IdxNNByXQxTc6a6Nw0HWa9KtYtRjY8CL7GEvxu_RU_KelQDw2x_JOEk-ZFifNLN50gldSlSBH5fwXIWgjr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS3NyBfSur5A9IdxNNByXQxTc6a6Nw0HWa9KtYtRjY8CL7GEvxu_RU_KelQDw2x_JOEk-ZFifNLN50gldSlSBH5fwXIWgjr
Request Chain 303
  • https://sync.inmobi.com/gob?google_gid=CAESEPf1Z9H8xD3dmomHnkaJuHQ&google_cver=1&google_push=AXcoOmQcX9exjbcQdobNsVjBImny3qvxde3BbnGABKGojfdsiYDKBRZcR6r5mnjjgd4ihoTBqprlkgqpcKNpxvtEMkiRwMHyEfmP-Q HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQcX9exjbcQdobNsVjBImny3qvxde3BbnGABKGojfdsiYDKBRZcR6r5mnjjgd4ihoTBqprlkgqpcKNpxvtEMkiRwMHyEfmP-Q
Request Chain 322
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=oglobo%40apps.globoid&redirect_uri=https%3A%2F%2Foglobo.globo.com%2Flogin-callback.ghtml&state=9eb49457-4905-4c93-8c28-655c5f373b85&response_mode=fragment&response_type=code&scope=openid&nonce=12e0f6f9-a48b-4e3e-83cb-f7e633340275&prompt=none&code_challenge=f9TCbUvW1Ou-BltevQ-SSN6G5CEUrZeVrq1r7zXzxP0&code_challenge_method=S256 HTTP 302
  • https://oglobo.globo.com/login-callback.ghtml
Request Chain 400
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZTrv38Co8XsAAAS.nrkAAAAA
Request Chain 401
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=fe55e536d3734bb6a9bde133abe07ccb HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=fe55e536d3734bb6a9bde133abe07ccb
Request Chain 403
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8
Request Chain 404
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Request Chain 405
  • https://trace.mediago.io/ju/cs/taboola HTTP 302
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab349791394c2rm23000lo7sh2x1
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIrNP9zE8Hg92VhdUt1i-BA&google_cver=1
Request Chain 409
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
Request Chain 412
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 414
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=taboola&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Request Chain 415
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b2669404-b33d-4820-b9ef-bbd57d6337f4 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b2669404-b33d-4820-b9ef-bbd57d6337f4&tbid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&query=taboola_hm%3Db2669404-b33d-4820-b9ef-bbd57d6337f4&isDirect=0
Request Chain 416
  • https://eb2.3lift.com/xuid?mid=7772&xuid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 417
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dd205a8a-d20b-4860-904a-85e231b681ea
Request Chain 448
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Request Chain 452
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Request Chain 478
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Request Chain 483
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LO7SGZG3-9-JCJ8 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 485
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 488
  • https://taboola-d.openx.net/v/1.0/av?auid=541033705&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Request Chain 489
  • https://taboola-d.openx.net/v/1.0/av?auid=543846819&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY3NTZhNjMtZjE3ZC0yNzkzLWY3MDQtZGVkZDVhMjllYjNl
Request Chain 490
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nOOZmSmw156ln0CWXX2haw?csrc=&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xi.0LyNE2oKz4JlIG7xodXzp_Ye9XmQdA8MoDg--~A
Request Chain 491
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ejYnBpc6ShuRS_XZ91481Q&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ejYnBpc6ShuRS_XZ91481Q&gdpr=0
Request Chain 492
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0m0BO_M0T8mBUS8JQzCTCQ&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0m0BO_M0T8mBUS8JQzCTCQ&gdpr=0
Request Chain 493
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE83U0daRzMtOS1KQ0o4&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEF94GQyPIMBoiOx41ZlFOew&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=&gdpr=0
Request Chain 494
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 495
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEh2Q4jc-nAf08PUnhHW5tU&google_cver=1
Request Chain 497
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM0ODUxNTBkYTk5Mjc1YjQyZTNmNjVkOGYzMzQ2NjdiNmYzZGY4NA&gdpr=0&us_privacy=1---
Request Chain 498
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1--- HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEXck7KdeAAABlVXBZoxQ&expires=30&gdpr=0
Request Chain 499
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LO7SGZG3-9-JCJ8&redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LO7SGZG3-9-JCJ8&gdpr=0&redir=true&us_privacy=1--- HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oWDZqVkg1RTJ1R1FlYnd2RnlXb2VWZmEzNHJ1MG5sbH5B&gdpr=0&ovsid=LO7SGZG3-9-JCJ8&dpid=58160&us_privacy=1---
Request Chain 500
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 501
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 502
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=134a2bf7-adc7-4400-bfcd-dfca7b0d7358&expires=30&gdpr=0&us_privacy=1---
Request Chain 503
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 504
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 505
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1--- HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 506
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1--- HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LO7SGZG3-9-JCJ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
Request Chain 507
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---&dnr=1
Request Chain 508
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=PfTkobOpUsdAKgpG7b0UT7Bz7eA
Request Chain 509
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4fa71b52-33b7-4167-8b81-0ed2ef729168
Request Chain 510
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 511
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1337544187735000128
Request Chain 512
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&us_privacy=1---
Request Chain 513
  • https://ad.turn.com/r/cs?pid=6&gdpr=0&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7849898008418585844&expires=60&gdpr=0&gdpr_consent=
Request Chain 515
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1698361313229&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-42a6c70d-6466-4525-9714-4f1b30e87069-003%26expires%3D30%26us_privacy%3D1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003&expires=30&us_privacy=1---
Request Chain 517
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LO7SGZG3-9-JCJ8&obUid=&initiator=&gdpr=0&us_privacy=1---
Request Chain 518
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0&us_privacy=1--- HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 519
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0&us_privacy=1--- HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 520
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Request Chain 521
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LO7SGZG3-9-JCJ8?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Request Chain 537
  • https://taboola-d.openx.net/v/1.0/av?auid=541033705&gdpr=0&us_privacy=1--- HTTP 302
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033705&gdpr=0&us_privacy=1---
Request Chain 538
  • https://taboola-d.openx.net/v/1.0/av?auid=543846819&gdpr=0&us_privacy=1--- HTTP 302
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846819&gdpr=0&us_privacy=1---
Request Chain 541
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 543
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar
Request Chain 544
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270783453165889608&gdpr=0&gdpr_consent=
Request Chain 545
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294406278956382351&gdpr=0&gdpr_consent=
Request Chain 546
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=pubmatic&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Request Chain 547
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PfTkobOpUsdAKgpG7b0UT7Bz7eA&gdpr=0&gdpr_consent=
Request Chain 548
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aEBcKXmFSDi1TjFo-iiEhg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 550
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=664307197
Request Chain 551
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=68405C29-7985-4838-B54E-3168FA288486 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWdoeGRpZ1MtOHBTVU81cEJPcUpEalFndw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=1337544187735000128&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 552
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg0MDVDMjktNzk4NS00ODM4LUI1NEUtMzE2OEZBMjg4NDg2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 553
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoNORSBYYvZTsTH_823RAU&google_cver=1
Request Chain 555
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1337544187735000128
Request Chain 557
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=68405C29-7985-4838-B54E-3168FA288486&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TJ7_EztE2uVYk_Ixc70E9VCqrB4gJEw-~A&gdpr=0
Request Chain 582
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTrv5AAawKyvHwA_
Request Chain 583
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWGNrN0tkZUFBQUJsVlhCWm94UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEXck7KdeAAABlVXBZoxQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3986165594677749192&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEXck7KdeAAABlVXBZoxQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3986165594677749192%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3986165594677749192&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEXck7KdeAAABlVXBZoxQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXck7KdeAAABlVXBZoxQ&gdpr=0&gdpr_consent=
Request Chain 585
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa36e177cac3a483893a1adb5f5360365
Request Chain 588
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4207548800602511053
Request Chain 589
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527108280432
Request Chain 591
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e01d66f7ee883c26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DkODCF8PznabQUUMTnnSSYjXU%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DkODCF8PznabQUUMTnnSSYjXU%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznabQUUMTnnSSYjXU&gdpr=0&gdpr_consent=
Request Chain 593
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 595
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=68405C29-7985-4838-B54E-3168FA288486&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=68405C29-7985-4838-B54E-3168FA288486&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 596
  • https://pixel.onaudience.com/?partner=214&mapped=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 597
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7849898008418585844&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 598
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=10f0f8c0fed5162d&is_secure=true&networkId=17100&version=1&nuid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI1xq_ayFC6wMAXrqbAAAAAAA&expiration=1698447717&nuid=68405C29-7985-4838-B54E-3168FA288486&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 599
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c14c7f45-eec2-49e1-b101-c45f73d28376&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 619
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 622
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:724B2D43DB354FDEB412D05B410B47C9&gdpr=0&gdpr_consent=
Request Chain 623
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8175178579 HTTP 302
  • https://sync.1rx.io/usersync/turn/7849898008418585844?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dr1%26refUrl%3D%26vid%3D83613193453413629198755270000V10%26ovsid%3DRX-42a6c70d-6466-4525-9714-4f1b30e87069-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Request Chain 624
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5270783453165889608
Request Chain 627
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Drkt%26refUrl%3D%26vid%3D83613193453413629198755270000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3413629198755270000V10&type=rkt&refUrl=&vid=83613193453413629198755270000V10&ovsid=5144588527108280432
Request Chain 629
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dcon%26refUrl%3D%26vid%3D83613193453413629198755270000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7a25f0e69dd1819&is_secure=true&version=1&networkId=57734&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dcon%26refUrl%3D%26vid%3D83613193453413629198755270000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=con&refUrl=&vid=83613193453413629198755270000V10&ovsid=AAAIaa5PmAxk0QMZYkjPAAAAAAA&expiration=1698447719&is_secure=true&gdpr_consent=&gdpr=1
Request Chain 630
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dr1%26refUrl%3D%26vid%3D83613193453413629198755270000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4018275104 HTTP 302
  • https://sync.1rx.io/usersync/turn/7849898008418585844?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dr1%26refUrl%3D%26vid%3D83613193453413629198755270000V10%26ovsid%3DRX-42a6c70d-6466-4525-9714-4f1b30e87069-003 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Request Chain 631
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQxMzYyOTE5ODc1NTI3MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDcSGqGrZkiVLesf0BnpjQo&google_cver=1
Request Chain 634
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=
Request Chain 635
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3413629198755270000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b2669404-b33d-4820-b9ef-bbd57d6337f4&cs=1
Request Chain 638
  • https://creativecdn.com/cm-notify?pi=medianet HTTP 302
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=o2g0GmPIRwy01iFgrxC2&pi=medianet&tc=1
Request Chain 640
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTrv5wRgoaySb5hTtNHEeAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL32naF9kNMIE0H-6HgF-BA&google_cver=1
Request Chain 641
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTrv5wRgoaySb5hTtNHEeAAA%265260&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
Request Chain 642
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEpWgGy7F0J2MSqIUmuFFpY&google_cver=1
Request Chain 643
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5270783453165889608
Request Chain 644
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3c57591cc3c218e2&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIaa5PmAxk0gM968-VAAAAAAA&expiration=1698447719&is_secure=true
Request Chain 645
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f710d9521cf742ce98679892821660aa&expiration=1700953319
Request Chain 650
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 652
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RoXsD4lE2uGuYtjJRlj7qcF5_FZZ02Jg~A
Request Chain 654
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
Request Chain 655
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D68405C29-7985-4838-B54E-3168FA288486 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=68405C29-7985-4838-B54E-3168FA288486
Request Chain 657
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-hXEpWCRE2uFHtTXFzDbgOZzY3.WQLurzrmBqEhg-~A
Request Chain 659
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTrv5wRgoaySb5hTtNHEeAAA%265260&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
Request Chain 661
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270783453165889608
Request Chain 662
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7849898008418585844
Request Chain 665
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q7L7hvjhrdWwtKzWruPl0_y38dGwtf7R-7RPe_vo
Request Chain 669
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LO7SGZG3-9-JCJ8 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8

666 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml
oglobo.globo.com/rio/noticia/2023/10/19/ 		624 KB
140 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.244 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
d8d51877bc130c8836c299bdd0041e9c429537e019da2b80b2f9da5d9315940c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
142604
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 23:01:42 GMT
expires
Thu, 26 Oct 2023 23:01:52 GMT
show-page-version
0
vary
X-Forwarded-Proto, User-Agent, Accept-Encoding
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
1091024 cmad06lx29ca02.globoi.com
x-cache-status
MISS
x-content-type-options
nosniff
x-location-rule
show_services
x-mobile
desktop
x-request-id
cf41ad21-6b6e-47be-8caf-19089c016a90
x-served-from
oglobo-router-gcp, Show Services GCP
x-thanos
0A80FC0D
x-xss-protection
1; mode=block
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
x-openstack-request-id
tx47c2b7bfb73c42a3b09d9-00652e76cf
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0AB14002
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484121.35690
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10284
x-trans-id
tx47c2b7bfb73c42a3b09d9-00652e76cf
x-request-id
b68ee71c-c69d-43b3-aa94-03033d29a00d
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
x-openstack-request-id
tx03ec1b09ad244776bec38-00641a2679
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB14002
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
tx03ec1b09ad244776bec38-00641a2679
x-request-id
7b7ebf18-9000-4893-8af0-97cd1f46d1b0
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
x-openstack-request-id
tx7061868561534189abb6a-00636e3961
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0AB14002
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484194.26376
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10352
x-trans-id
tx7061868561534189abb6a-00636e3961
x-request-id
30f6ea38-c711-42cb-8248-c8ec24b21029
light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
x-openstack-request-id
txfebff983487f454f97c0c-0064b357c4
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0AB14002
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484167.30297
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10200
x-trans-id
txfebff983487f454f97c0c-0064b357c4
x-request-id
c60c75d4-e535-426d-8f51-fab3d47a0a8e
WhitmanDisplay-Regular.woff
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/WhitmanDisplay-Regular.woff
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6113aa6c8b4abb8f3d9de3e13214876879785bf25ad316ec487578e4111509e6

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
x-openstack-request-id
txa83223eac3094cafa784b-00653aef94
last-modified
Thu, 02 Jun 2022 18:21:47 GMT
x-thanos
0AB14002
etag
b9129bf94b84c4417a6d58f0bc219623
vary
Accept-Encoding, Origin
content-type
application/font-woff
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1654194106.76960
cache-control
public, max-age=180
accept-ranges
bytes
content-length
22664
x-trans-id
txa83223eac3094cafa784b-00653aef94
x-request-id
c6ba886b-fc04-4f63-85b7-391b07c17116
v0.js
cdn.ampproject.org/ 		278 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 23:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73031
x-xss-protection
0
server
sffe
etag
"aa4f775a8c339659"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Oct 2023 23:01:43 GMT
lib-pub-relay-oglobo-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8900135ccc26cae8634c6c7e4fcba0a6ad86e166167aa82a551cd9cf38841cd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-openstack-request-id
txac517e21df6b44df93ac2-00653aef98
last-modified
Fri, 18 Aug 2023 21:17:42 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1692392192.000000
content-type
application/javascript
x-timestamp
1692393461.04998
cache-control
public, max-age=180
x-trans-id
txac517e21df6b44df93ac2-00653aef98
x-request-id
350838a4-e826-411c-a5fb-31bfca5d0426
amp-social-share-0.1.js
cdn.ampproject.org/v0/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-social-share-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
c2d893147bdb85c6671c355db1a5e0147ab1c28d300d26f4aa7c3fb2996f42ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 23:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4741
x-xss-protection
0
server
sffe
etag
"55008ede120739f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Oct 2023 23:01:43 GMT
amp-timeago-0.1.js
cdn.ampproject.org/v0/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-timeago-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
78c43cea3cce208b1072d2d281359266b8a223b5f8a31f6dd4423e0c119ada1d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 23:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9080
x-xss-protection
0
server
sffe
etag
"a32b1ddeb996eb2b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Oct 2023 23:01:43 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/v0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-fit-text-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
3cd6ab1956be790ffbc733f6d1047b7ddf7838b1945310d9dbda637829064e9e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 23:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2503
x-xss-protection
0
server
sffe
etag
"aadc93749ad726fe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Oct 2023 23:01:43 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
0194f5d52e54edd2478db90ef977636f7db8a20dceccc555ba7263c9fa465122
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 23:01:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16361
x-xss-protection
0
server
sffe
etag
"26076ef55d919d40"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 26 Oct 2023 23:01:43 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2144
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81c652a389383819-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 29 Oct 2023 23:01:43 GMT
tiny.js
static.infoglobo.com.br/paywall/js/ 		268 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
4e695c5063a5c31b928704f07496b78749c90d5e5804edbdec30085564110c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-proxy-cache
HIT
last-modified
Thu, 26 Oct 2023 20:23:48 GMT
x-cache-status
HIT
x-served-from
infoglobo-router-gcp, shared-cache
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
supportspointer
true
cache-control
max-age=600
charset
utf-8
x-request-id
43bc5ab09b76af4571efb95dea8b2cfc
expires
Thu, 26 Oct 2023 20:36:21 GMT
barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
778899105 ra03 11 03
age
70
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739324870000
content-length
4317
x-xss-protection
1; mode=block
x-request-id
8d1fdfb7-0324-4913-bc4a-37b71a92a644
last-modified
Fri, 02 Jun 2023 19:14:58 GMT
x-thanos
0AB1D017
etag
W/"c580509368f67b01edaa2d4f8057bbbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 26 Oct 2023 23:05:32 GMT
whatsapp-image-2023-10-19-at-09.12.36.jpeg
s2-oglobo.glbimg.com/oaq5C1i0MjnvLV6P0ZDI8t5uaLA=/0x0:1600x1068/888x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/B/a/XSu2nSQEe2hGS4B4... 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/oaq5C1i0MjnvLV6P0ZDI8t5uaLA=/0x0:1600x1068/888x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/B/a/XSu2nSQEe2hGS4B4Q1Ng/whatsapp-image-2023-10-19-at-09.12.36.jpeg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
bda9e4678d727076921c31d43fde85333e4cba1002982619ffe42e24f1d857fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
via
2.0 CachOS
x-bip
553665120 ra09 20 01
age
229787
x-cache-server
thumbor/nginx-cache
content-length
71604
x-cached
MISS
x-request-id
d44d0377-689b-4707-9178-630ab3b4f364
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"be97f901a4ac3b33e4237104a18542e924ebb9b8"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 23 Nov 2023 07:11:57 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2144
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
81c652a3b9633819-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 29 Oct 2023 23:01:43 GMT
bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-openstack-request-id
tx319370d9f3ac497ea5d2c-0065219624
last-modified
Tue, 08 Aug 2023 17:32:03 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1691515922.84841
cache-control
public, max-age=2592000
x-trans-id
tx319370d9f3ac497ea5d2c-0065219624
x-request-id
0899c003-7db4-4114-ae57-3c23973462e3
9e7280f5-b08f-4b7e-b35f-8c3bf778aeeb.js
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/oglobo/c883e1f6-03ad-41d5-9d1a-73de85333e34/ 		136 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/oglobo/c883e1f6-03ad-41d5-9d1a-73de85333e34/9e7280f5-b08f-4b7e-b35f-8c3bf778aeeb.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
955c1f56059a3c7eee0bf9c21b3b1fbd5d6e2bd6be0f3ee31869e5970a4b0d67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-openstack-request-id
txbc0de9bc778f485b8b4e4-00653aefd6
last-modified
Mon, 18 Sep 2023 11:44:54 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1695037493.87912
cache-control
public, max-age=180
x-trans-id
txbc0de9bc778f485b8b4e4-00653aefd6
x-request-id
33ea913a-5747-42b2-a9c1-a2a7c46e0118
9e7280f5-b08f-4b7e-b35f-8c3bf778aeeb.css
s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/oglobo/c883e1f6-03ad-41d5-9d1a-73de85333e34/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c631e406debd4c4fac98a09d48dc17d1/bastian-post/prod/oglobo/c883e1f6-03ad-41d5-9d1a-73de85333e34/9e7280f5-b08f-4b7e-b35f-8c3bf778aeeb.css
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
7d82d486b8545071a70b46cedb25a03410718abc3595ccf2bc17886653ebba48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-openstack-request-id
tx36d977d836c04023aab7c-00653aef68
last-modified
Mon, 18 Sep 2023 11:45:00 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1695037499.01117
cache-control
public, max-age=180
x-trans-id
tx36d977d836c04023aab7c-00653aef68
x-request-id
870317f8-7cd3-4475-886d-fb6512ce1d1f
api.min.js
p.glbimg.com/api/stable/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.glbimg.com/api/stable/api.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
586651504 ra03 05 02 06
age
73385
x-cache-status
HIT
content-length
12654
x-xss-protection
1; mode=block
x-request-id
84e069b3-38e7-401b-97f9-a2d364ca1aef
last-modified
Tue, 03 Jan 2023 00:49:51 GMT
x-thanos
0AB1D111
etag
W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 27 Oct 2023 02:38:39 GMT
web
onesignal.com/api/v1/sync/2a12022a-47ec-4502-80a3-1a5412d58b50/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/2a12022a-47ec-4502-80a3-1a5412d58b50/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224851ee88cb496b4933c2a5d945f5df94e7c17db34362c2b1d230154455a659
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1599
cf-polished
origSize=5287
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
1f4b6fd5-b375-4224-9c86-30e08cebf5d1
x-runtime
0.027326
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ddd2f8b53398ad8a96cbbb2ffaa543e5"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
81c652a429af3819-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 27 Oct 2023 00:01:43 GMT
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-openstack-request-id
tx4def94eba9cc493c9720c-006449235d
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0AB14002
vary
Accept-Encoding, Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
tx4def94eba9cc493c9720c-006449235d
x-request-id
f0ec212e-aead-424b-b543-cc78175ac500
d74ccc4990474677d3b1e31c2673c5e5.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		405 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
021927fa178b249ba181afdcc0b7b5106ceb6e141d0a1c805e034787a6f3367b

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:43 GMT
content-encoding
gzip
x-openstack-request-id
txeb1ff4f5597246e68449b-006537d022
content-length
141924
x-trans-id
txeb1ff4f5597246e68449b-006537d022
x-request-id
9fd97a95-190c-4241-8ce5-8ce2e726b647
last-modified
Mon, 14 Aug 2023 19:40:19 GMT
x-thanos
0AB14002
etag
7653a312bd328a10f4cebb9aa11bd777
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1692042018.94437
cache-control
public, max-age=604800
accept-ranges
bytes
WhitmanDisplay-ExtraBold.woff2
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/WhitmanDisplay-ExtraBold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
99cc9e872f073562fd2d2ba78857f8fb53d85a39f729b22fd181c1bdb493ec52

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
x-openstack-request-id
tx206e8314f909402298084-00653aefd0
last-modified
Tue, 08 Feb 2022 14:05:53 GMT
x-thanos
0AB14002
etag
597fdc03d01129a0559c376539929752
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1644329152.83682
cache-control
public, max-age=180
accept-ranges
bytes
content-length
16520
x-trans-id
tx206e8314f909402298084-00653aefd0
x-request-id
d455b6ba-507c-4863-87bb-e8d492573b2e
WhitmanDisplay-Semibold.woff2
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/WhitmanDisplay-Semibold.woff2
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b926d84ed56f2239b061936da7b714dd10be0033a097264948c588f2d8c451d7

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
x-openstack-request-id
tx2c1b1b27efb14a0fb6223-00653aefc5
last-modified
Mon, 22 Aug 2022 18:33:25 GMT
x-thanos
0AB14002
etag
114250105c0b630ecdbbce6ca29a1f6e
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1661193204.59691
cache-control
public, max-age=180
accept-ranges
bytes
content-length
16140
x-trans-id
tx2c1b1b27efb14a0fb6223-00653aefc5
x-request-id
3ddbee3c-e42f-49ad-af1b-0f3d4006b378
2v84n8g15c1895dv.js
cdn.petametrics.com/ 		189 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=471767
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
76e251ff2d6065bdd88fc4f9c22fde1ac676ba3e882122ac82e7390f6e381002

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:44 GMT
Content-Encoding
gzip
x-amz-version-id
H70lwZpNQOQn21D5Lsq2cINZDMSjj_FO
x-amz-request-id
PJ2AP0Y8HJ1Q0D4J
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
55208
x-amz-id-2
1LRmVILF3JCuCNxQg/52V2cVysrUqga9ubQROr2Y9FtE9cCB05ARzM70fDyYjrVbE0O1GS7F4Vc=
Last-Modified
Tue, 12 Sep 2023 22:57:42 GMT
Server
AmazonS3
ETag
"a6c4cc28c9c10dfe13e1790efac88bc9"
X-HW
1698361304.cds276.lo4.hn,1698361304.cds228.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, s-maxage=31536000
Accept-Ranges
bytes
truncated
/ 		727 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		738 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
georgia.ttf
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		215 KB
215 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/georgia.ttf
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
38dffcaf1fac89492f7c56c600a14daf36ae42f7c21985cd4134ae113124a58f

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
x-openstack-request-id
tx9bcd4d1103e940158bdfa-00653aef66
last-modified
Wed, 23 Mar 2022 16:12:09 GMT
x-thanos
0AB14002
etag
ca8446d58eb8315c7a458caf81c6ed86
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1648051928.19231
cache-control
public, max-age=180
accept-ranges
bytes
content-length
219712
x-trans-id
tx9bcd4d1103e940158bdfa-00653aef66
x-request-id
56003263-218b-4039-9f6f-68e8e0e68b02
georgiab.ttf
s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/ 		203 KB
203 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_63fc83ece6e4451e89f8750cafb76fa2/fonts/georgiab.ttf
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
72a6cd94fab6c179392075d3fb361e269cdddfad41bb7ab385fa22a37e49a900

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
x-openstack-request-id
tx35077dc6c3a7410e8875a-00653aefa5
last-modified
Wed, 23 Mar 2022 16:12:09 GMT
x-thanos
0AB14002
etag
27836f0c46bfb03982e86c4ed5c8cc45
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1648051928.21230
cache-control
public, max-age=180
accept-ranges
bytes
content-length
207476
x-trans-id
tx35077dc6c3a7410e8875a-00653aefa5
x-request-id
ff177858-14dd-4b59-873e-c70131a64bf8
whatsapp-image-2023-10-19-at-09.15.07.jpeg
s2-oglobo.glbimg.com/qBBaS99SPNWGFvbMLwmnUHaq8bY=/0x0:1600x1050/648x248/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/R/g/KlALVERZAOXJ5P... 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/qBBaS99SPNWGFvbMLwmnUHaq8bY=/0x0:1600x1050/648x248/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/R/g/KlALVERZAOXJ5P9bZJHQ/whatsapp-image-2023-10-19-at-09.15.07.jpeg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
e56436c1b9a00879abe23ab6e72926a7afb3aeb1181bdd5b5dc2933e7c37286d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
via
2.0 CachOS
x-bip
535051221 ra09 20 01
age
631465
x-cache-server
thumbor/nginx-cache
content-length
14970
x-cached
HIT
x-request-id
1f622e41-0979-4c51-a650-81cb3bb0c11a
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"bb9a94fb8df3e489d5186809449265b7edc1be87"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 18 Nov 2023 14:39:15 GMT
104730385.jpg
s2-oglobo.glbimg.com/bIrfqpHxC10oOzg-XtS4yf-70aI=/0x0:5184x3456/323x182/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/0/c/1ehXjsSR6PIvDK... 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/bIrfqpHxC10oOzg-XtS4yf-70aI=/0x0:5184x3456/323x182/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/0/c/1ehXjsSR6PIvDKKoFcxg/104730385.jpg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
c24743351ba7b71940fa838374ab1bc7e33bb3268890d7777f0b13d541f2a1b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
via
2.0 CachOS
x-bip
555310419 ra09 20 01
age
0
x-cache-server
thumbor/nginx-cache
content-length
11530
x-cached
MISS
x-request-id
2446ec8f-9853-4e77-bd9d-ce7656645203
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"94922edebec11b599535c3e1317d4011332986f5"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 23:01:44 GMT
15.jpg
s2-oglobo.glbimg.com/efx0RL73hc5yqMTvYKSRosCXM-8=/0x0:3448x2128/323x182/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/y/R/G2XbmbTQqc7BXA... 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/efx0RL73hc5yqMTvYKSRosCXM-8=/0x0:3448x2128/323x182/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/y/R/G2XbmbTQqc7BXA8xW7dg/15.jpg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
b781bd9ec2791580b9a6e0e886562931140026e5a5597a8cdc97063febc7aa4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
via
2.0 CachOS
x-bip
553665123 ra09 20 01
age
0
x-cache-server
thumbor/nginx-cache
content-length
4678
x-cached
MISS
x-request-id
774e76ef-3ce8-4f65-8eaa-671acbaace0a
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"44618081459f468ad6a6167c35a28b780658f951"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 23:01:44 GMT
caminhao-maconha-1-.jpg
s2-oglobo.glbimg.com/gS7Lx65we0IYeM7jIfmjOpmbHOU=/0x0:648x817/1000x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/v/A/4JPFIASAGuKjKG5Vx... 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/gS7Lx65we0IYeM7jIfmjOpmbHOU=/0x0:648x817/1000x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/v/A/4JPFIASAGuKjKG5Vxtbg/caminhao-maconha-1-.jpg
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
ac9644cef593fc6f416a995e76fe1da81a4593b00230419fc29d28bb7c96da89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
via
2.0 CachOS
x-bip
531617546 ra09 20 01
age
0
x-cache-server
thumbor/nginx-cache
content-length
95790
x-cached
MISS
x-request-id
b1abd34c-67df-4288-a282-70c90d3c0a85
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"77c6896ee0bcc971065703d6d9744bd43b4957d0"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 23:01:44 GMT
bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-openstack-request-id
tx9ed2ced543cb48aeae310-0065183263
last-modified
Tue, 08 Aug 2023 17:32:01 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1691515920.59004
cache-control
public, max-age=2592000
x-trans-id
tx9ed2ced543cb48aeae310-0065183263
x-request-id
a511eac7-359e-4a36-95c4-0a9e7b45c885
__activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/48c8b322-6e65-4d94-8dfc-cdcc42507cb4/ 		35 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/2v84n8g15c1895dv/48c8b322-6e65-4d94-8dfc-cdcc42507cb4/__activity.gif?e=pageview&ct=Cidade+da+Pol%C3%ADcia+Civil+foi+o+palco+da+negociata+para+o+tr%C3%A1fico+de+16+toneladas+de+maconha%2C+diz+PF&ccu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&tspl=2494&blst=2355&ist=2489&iet=2493&bdst=2355&bdet=2482&bcttt=6&ts=1698361304171&jsk=2v84n8g15c1895dv&jsv=20230912&cu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&uid=48c8b322-6e65-4d94-8dfc-cdcc42507cb4&sid=671c2b1a-07a3-4b3e-f204-d43e3814b47e&pvid=58c764b5-6d60-4067-9124-59649ce28730&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F118.0.5993.117+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.6&saveData=false&ctyp=unknown&tzo=-120&sdk=bc-pixel
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:44 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
1.tiny.js
static.infoglobo.com.br/paywall/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
d7ae5a16c1890c44613e6e40818266e052783bbbd2b202836a5a7e014ece53a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-proxy-cache
HIT
last-modified
Thu, 26 Oct 2023 20:22:59 GMT
x-cache-status
HIT
x-served-from
infoglobo-router-gcp, shared-cache
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
supportspointer
true
cache-control
max-age=600
charset
utf-8
x-request-id
2572757d983cd99bfadf44d5408e6991
expires
Thu, 26 Oct 2023 20:46:12 GMT
18.tiny.js
static.infoglobo.com.br/paywall/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/18.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
c1b9adf8339750ad910b2316ceabb71d5e180c2afd37fa69d529601c3f396fd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-proxy-cache
HIT
last-modified
Thu, 26 Oct 2023 20:23:22 GMT
x-cache-status
HIT
x-served-from
infoglobo-router-gcp, shared-cache
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
supportspointer
true
cache-control
max-age=600
charset
utf-8
x-request-id
b6888ada79269c5cfd303b07cd0895b0
expires
Thu, 26 Oct 2023 20:46:27 GMT
load
experience.tinypass.com/xbuilder/experience/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8b1a5d057124c55e6627c62b0e5799deb5734f067672416c12cdb1458c4e4d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
date
Thu, 26 Oct 2023 23:01:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 22:48:08 GMT
server
cloudflare
age
816
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
81c652aaba022c3d-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
990y2m64hy
expires
Thu, 26 Oct 2023 23:31:44 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.207.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HM9Z5WS7PJHY3FQH
age
1024
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Y2YkUPR6dPCnA6B3ktAsvqQZVxmS5sxXdkBmb3/yy6MWYaOkSjmfvgAhxD2vZRQk18E1IvoazuE=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXYAK1p0Kl3ytYrFnpg5c3lAQBZ1oI4NP8RawlbISlx%2FSBIZ5QP5VDixLll7yysRbynH02bxOGFi0xCeKPC30r0CEOPneCP1hKgoZhfzslS8sANB3%2BASecEDghE0GQhysx0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
81c652abedca6973-FRA
aa1341f0ce8b9a2f119bb886db1b3a3d.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/aa1341f0ce8b9a2f119bb886db1b3a3d.css
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
684852f26cc088af0c593108090c8ef97ea26ddf2891f1b1b52cc5c65b3d5b91

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-openstack-request-id
tx71f842adfee9423488d2c-006537cfe0
content-length
1324
x-trans-id
tx71f842adfee9423488d2c-006537cfe0
x-request-id
a0056f66-b13a-49f7-ad93-a9a20ed01ada
last-modified
Tue, 24 Oct 2023 14:02:03 GMT
x-thanos
0AB14002
etag
a55856e260446cc0d85741555504719d
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1698156122.38466
cache-control
public, max-age=604800
accept-ranges
bytes
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Thu, 26 Oct 2023 23:01:45 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
603849998 ra09 20 03
age
246
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323813245
content-length
20184
x-xss-protection
1; mode=block
x-request-id
374614cd-ae97-4fdc-8d04-f1fafdb99afb
last-modified
Thu, 04 May 2023 18:56:24 GMT
x-thanos
0AB4D012
etag
"d6cc1c50b230a5c61bb684e07f3e0e98"
vary
Origin
x-served-from
estaticos-gcp-prod
content-type
font/woff
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 26 Oct 2023 23:02:38 GMT
barra-globocom.min.js
s.glbimg.com/gl/ba/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
585634464 ra03 05 02 06
age
239
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323699742
content-length
10597
x-xss-protection
1; mode=block
x-request-id
664d225b-4b88-499f-af2f-8438fc177f02
last-modified
Thu, 04 May 2023 18:56:23 GMT
x-thanos
0AB1D111
etag
W/"1af9514851ffe9f801c5468a9d1206ac"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 26 Oct 2023 23:02:45 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c18c6a1eebd0d4249f792956e0cfed7e81dc9dbef518227d62ec1818262c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		196 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
721f01f7ac435b12df171ba12797e85092612ae1f5c755bb33124cf6c7ff6104

Request headers

Referer
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		197 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2be5ec9833fb7e7cc366e1a51bf5f07978b7959c25a5426c4ee22fd9ab7f3e85

Request headers

Referer
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
lib-pub-core-oglobo-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
21cc702ac08ea8e5ff3e8227593664605b228ff93528b339ee4571abead3f19f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
content-encoding
gzip
x-openstack-request-id
tx31467814decc4cda957d3-00653aef9d
last-modified
Fri, 20 Oct 2023 20:26:38 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1697833167.000000
content-type
application/javascript
x-timestamp
1697833597.06280
cache-control
public, max-age=180
x-trans-id
tx31467814decc4cda957d3-00653aef9d
x-request-id
69aba138-fe62-4fb6-82e8-08223ceb0671
settings.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
x-openstack-request-id
txe89ecdf049e542c287e2f-00653aefd8
last-modified
Sat, 02 Sep 2023 17:44:45 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1693675470.000000
content-type
application/javascript
x-timestamp
1693676684.90264
cache-control
public, max-age=
x-trans-id
txe89ecdf049e542c287e2f-00653aefd8
x-request-id
4396a4f2-777a-4b03-8654-eefa01713807
tinypass.min.js
cdn.tinypass.com/api/ 		361 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d980aac2a526c75acacf6fa379329951500b5285530ed56e56838524b576f0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:44 GMT
x-amz-version-id
X3jeRe1PQ6Td3UEHWhvYUnuUOK6YZc.e
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
E2NMGTDFG356TXMQ
age
9404
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9BaTm/eA5JjAJK8UrdiI2SmyEA/A3JDLLWJ6pI8FDliFgHczVwnukaapnQTgKqL2kS5EaGOy1RA=
last-modified
Thu, 26 Oct 2023 12:24:07 GMT
server
cloudflare
etag
W/"77f966219db137fca2a47c4737cc62a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
81c652aaea292c3d-FRA
expires
Fri, 27 Oct 2023 03:01:44 GMT
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.115.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-115-50.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 09:25:23 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6042
Expires
Fri, 27 Oct 2023 00:01:45 GMT
execute
c2.piano.io/xbuilder/experience/ 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=GTCopIDc5z
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b35750d64b41c5f9b687771ac72724b05493d903d88e208674844a49a1a31f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
q2grybhuhx
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
81c652addafc3661-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
0df11c02060a791e8f0030369c3e3ac91ea4578eeef59e5517f8c8185c53f383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29673
x-xss-protection
0
server
cafe
etag
66 / 19656 / m202310190101 / config-hash: 600854357455498904
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 23:01:45 GMT
15688_oglobo.js
ads.rubiconproject.com/prebid/ 		442 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_oglobo.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
3324aaa5dc3d7b5f08d4c2ac5cefe6e743e68f7668564c2e41b95bbfa55ae024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
last-modified
Thu, 26 Oct 2023 19:40:39 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
131313
expires
Thu, 26 Oct 2023 23:55:49 GMT
publicidade.css
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/publicidade.css
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/oglobo/prod/lib-pub-core-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
x-openstack-request-id
txbae91d801949475b95706-00653aef8b
last-modified
Wed, 13 Sep 2023 18:42:19 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1694630538.09953
cache-control
public, max-age=180
x-trans-id
txbae91d801949475b95706-00653aef8b
x-request-id
8bfb644b-a04a-474d-b1c3-c97cfc39dfcd
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
x-openstack-request-id
tx42d1b96c6a194b659243c-00653aefae
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
tx42d1b96c6a194b659243c-00653aefae
x-request-id
ed7523a1-6022-4643-9e21-827b720eb405
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
586262568 ra03 05 02 06
age
73388
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
44f08d0f-8a20-43b4-bb52-31ea21e12b14
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0AB1D111
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 27 Oct 2023 02:38:36 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Server
18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 05:52:17 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
61769
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
GgPNBjJivXhrWGwH8UhFDqrWp7ghvZcszV2k1qHpH9DGKHFe8o7p7w==

Redirect headers

date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
8BVRX2MZ4CzP7MEhb_sEi8Yykse8d1uBxHDsbPn1feYFIYcfNwWvcA==
logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://barra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
x-openstack-request-id
txd0687d8694db44e5b172e-00653aef62
last-modified
Mon, 17 Oct 2022 13:20:36 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1666012835.41302
cache-control
public, max-age=180
x-trans-id
txd0687d8694db44e5b172e-00653aef62
x-request-id
b7e48211-8626-4133-a407-aba94c2ba87c
p
sb.scorecardresearch.com/ 		43 B
301 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1698361304965&ns_c=UTF-8&c8=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&c7=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&c9=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-107.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
U0eFCKhUCN-wJDZKzQDlGFYAXO7CJihLyRWgEMmqa5hLJ8_gd3mshQ==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231027
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c793300f13fd3a34856f726d769507dac3a8390ea7c58088620b7572ce0336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
25256
x-jsd-version
1.0.1855
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230110-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"62a-PI0kzeXrISkjC0NV6wo0PrgaJ+0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNEy%2BADtoyBx%2BXjPdLwNeTag%2FoqA4i0KWeQxLeBa%2Blsv8X%2BXKaDlYMzCOPRLUMJoYY5u%2FLG4JaqkUa9AZSmd0QLX%2BCE3slXTejSdvhlTeiP6UNReDpdDCtzS3PK3kjSGDwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81c652af1ad53a68-FRA
horizon-pageview
horizon.globo.com/auth-session/activity/oglobo/ 		0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/oglobo/horizon-pageview?object=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&Referrer=&tags=&client_version=0.3.11
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=60
content-length
0
x-served-from
hzt-tsuru
content-type
text/plain; charset=UTF-8
cx.js
cdn.cxense.com/ 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.115.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-115-50.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
34e74731b15d6d1f499cb8263612b932c8674f70a8c2ac310290ecf5a34e4a08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 11:33:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36814
Expires
Fri, 27 Oct 2023 00:01:45 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 19:31:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
12613
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135316
x-xss-protection
0
server
cafe
etag
9779678222609117831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 25 Oct 2024 19:31:32 GMT
4.tiny.js
static.infoglobo.com.br/paywall/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/4.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
5a014ebb4e69cd96c9a1e14629f1b13e6dc3ebf1bdb8cd7f0e38d9017e9b54a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
x-proxy-cache
HIT
last-modified
Thu, 26 Oct 2023 20:23:36 GMT
x-cache-status
HIT
x-served-from
infoglobo-router-gcp, shared-cache
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
supportspointer
true
cache-control
max-age=600
charset
utf-8
x-request-id
0247380d3cd98885fb86a529856955eb
expires
Thu, 26 Oct 2023 20:45:11 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		585 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=GTCopIDc5z
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b60a65d794f06ef21cbd50283f71e960c5b9b0a654843f6b6ad5beabf8ba70
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mxyr53sC2W5
pragma
no-cache
wn
prod-dash-10-0-82-37
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
81c652b0d9b903d0-FRA
expires
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		587 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=GTCopIDc5z
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e95437475799d63f51f8f4a964c2a3334f65f7aaf5e983f026146d4cb79cd7e6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mxyr53svUBp
pragma
no-cache
wn
prod-dash-10-0-131-86
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.003
cache-control
no-cache, no-store, must-revalidate
cf-ray
81c652b0d9ba03d0-FRA
expires
0
sp1.html
cdn.cxense.com/ Frame 0F45 		672 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.115.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-115-50.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
377
Content-Type
text/html
Date
Thu, 26 Oct 2023 23:01:45 GMT
Expires
Sun, 05 Nov 2023 23:01:45 GMT
Last-Modified
Wed, 02 Aug 2023 12:14:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
esp.js
cdn.id5-sync.com/api/1.0/ 		143 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
YC88ZAK0BT4TV1QS
age
3255
etag
W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81c652b16fdabbd9-FRA
x-amz-id-2
3tPdeywrS2ZGfOvvBHdUm35bzzhfjLgQkaQJ9ZZf+ANtV1xLI/PXt4eIeOu5L+IY+8KIk1FeUcrdkLkz++N6vQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.92.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-92-211.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 26 Oct 2023 05:50:54 GMT
Via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
61852
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
qWXzYGxfyMqoWvbHDCow6V3ccUCJj_0uiDqrgsLghU66_mUlyuIyYQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15267
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOwoY%2FwKWWeMVsNe9hO6sg0E8Stibb6emV3Bay5nN8iaGSw0cVA7JklkeFFy6FOE1v14FIdv7PA%2F8e6V1%2FJ8ew3Hc58Y3nzey1kZgBU1nOeg4So81BQfU3FrLNTI1GsAE8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81c652b15d5e2c04-FRA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:29:26 GMT
content-encoding
gzip
age
73939
x-guploader-uploadid
ABPtcPqHbjqPhKh2g3rLNDONjQOKU61Px7tzqzBh7WkCYt0i0BsdHalj9-b0OPiPUoULQhA2lZHQGq8cBXCis3HntxktCwlYb4qI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 25 Oct 2024 02:29:26 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 11 Oct 2023 08:53:04 GMT
server
nginx
etag
W/"65266270-a892"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 23:01:45 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 03:07:00 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
71686
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
qRU_N0xnK28ZSBADS-w8XLMHOaWV_kbKlzTaTPzxjkmy2X8de4_RfQ==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
560591b131aa9440e1fc7975d1c46b66
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2341082111872422&correlator=2864323235045390&eid=31079125&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Crio%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x250%7C1190x150&ifi=1&didk=3223810204&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1698361305485&lmt=1698354105&adxs=205&adys=3149&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&vis=1&psz=1190x0&msz=1190x0&fws=4&ohw=1190&ga_vid=233865381.1698361305&ga_sid=1698361305&ga_hid=406410932&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYhtPj8bYxSABSAghkEhkKCnB1YmNpZC5vcmcYhdPj8bYxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIbT4_G2MUgAUgIIZBIXCghydGJob3VzZRiG0-PxtjFIAFICCGQSGQoKdWlkYXBpLmNvbRiF0-PxtjFIAFICCGQSFAoFb3BlbngYhdPj8bYxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiF0-PxtjFIAFICCGQ.&dlt=1698361302991&idt=2438&prev_scp=Editora.pos%3DMiddle%26rc%3Dbanner_materia2_0&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D7%26Editora.url%3Dpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1698361304960%26prmtvvid%3D%26prmtvwid%3D&adks=3936396587&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4d4f36617293127698ebf21b02d450d5071f36d251c99e2739875235acc0b849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12275
x-xss-protection
0
google-lineitem-id
5770128229
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360598297
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C482 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:45 GMT
expires
Fri, 25 Oct 2024 23:01:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cx.js
cdn.cxense.com/ Frame 0F45 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.210.115.50 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-115-50.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7aca3d54155244878c83a859bbaeed7407dfced9d5396ff11715b84c1f712396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 11:33:03 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36814
Expires
Fri, 27 Oct 2023 00:01:45 GMT
p1.js
p1cluster.cxense.com/ Frame 0F45 		44 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
71901d0bfb12e511059d7b621e49bdd753e70355f8c44ab1e8418403a1404a6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
last-modified
Wed, 26 Apr 2023 23:01:45 GMT
server
Jetty(9.4.28.v20200408)
etag
4390is2zghsn2wegiauzw7b
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
44
expires
Sat, 26 Oct 2024 23:01:45 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfi...
  • https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfi...
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&rid=esp&cc=1
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
0e725d8045e8d685d34b2de3af3c5384ed598260e71cd3d4fb4ffd08591d5010

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-YQtxJza5vXZw2sbbBvQLWJgszIE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://oglobo.globo.com
location
/esp?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.64.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
54cc0f3d82346b3ee0a3fb34186f6d3239cbbef511016130e1aa7dcbf1a48adc

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.1.248
access-control-allow-credentials
true
content-length
60
expires
0
rep.gif
comcluster.cxense.com/Repo/ Frame 0F45 		43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.34&typ=pgv&rnd=lo7sgxtgnyx5kw11&sid=1152151660084636047&loc=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&new=1&arf=0&ltm=1698361305337&ref=&tzo=-120&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lo7sgy7zhv74ju8z&ckp=lo7sgxtg29kji42w&glb=&cp_userState=anon&cst=4390is2zghsn2wegiauzw7b
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Thu, 26 Oct 2023 23:01:45 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		102 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lo7sgxtg29kji42w%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%224390is2zghsn2wegiauzw7b%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%224390is2zghsn2wegiauzw7b%22%7D%5D%2C%22siteId%22%3A%221152151660084636047%22%2C%22location%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0039.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
8492927ddf7fb1c8035f93f681ec4a0bed6a5a4d1bca47d0b65b18189fb6950d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:45 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DF86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHBZZIkDWATEOSyiM-xuRqH0HqV_BdjpdQGjYgTOowlBjiobExnMeohMhjoUilW0fpgjjkgpTG8IkKItMWD_CVZQ8LGC8HBgsEkgZR-xkHcytPCxGhvmVwUJk2vlOUzO3JCo_zvUuS6bYeZ2fR85UxKb0LJO1CoU_MUvStknntWg2y6OdXZ1kSzxQZ2velql3WtI29zusl_ogp5PrGG0FANa9SydDI-DOAHc0A9ftAZkJHSLAmzacYrJqVJAEprN42wC7mzxh7375gn6Bftnm5n_M3Ra0HQ8xsJ2lxtpeqiFMYWxAfxr9HmQvh5576GWEWsSA8PzlS2hvora69wvRhnEebDFO7_zBkPl_fjIyu5L1sD66CX2oCzh5GhweP&sai=AMfl-YTpZW_iGvQPPNiKKYmt-95S5nVXZDkduZF7aVKu5qyp9--RyP_s5YBMQgKfbrISNCqSjzkzYe0AOEVlGeS5ae4m5Dog9Nu3mDzdwYo8mMoMN5Sj9Udq_XU9sjyvuneHekFlv8ZcRR033lHZxgg&sig=Cg0ArKJSzO8Rh5aTPZD0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 23:01:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DF86 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5568b0c04d57efd8d9d46f706cf67abe094af69892aafad31166e70d6fc51165
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29677
x-xss-protection
0
server
cafe
etag
415 / 19656 / 31079072 / config-hash: 600854357455498904
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 23:01:45 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame DF86 		598 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.23.8.228 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-8-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
55f45401a6b257061cabb9bb5f0d7ab2d7d8577097bd9ab17ea19f3086f9fc04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
content-encoding
gzip
last-modified
Mon, 05 Jun 2023 18:54:57 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=9714
accept-ranges
bytes
content-length
178700
expires
Fri, 27 Oct 2023 01:43:39 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame DF86 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.204.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
202d55eefdb855849ab9d7cd04d7c134bf4d7c96848b4ae0905c45be006f5c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:47 GMT
Last-Modified
Thu, 26 Oct 2023 08:27:48 GMT
Server
AmazonS3
x-amz-request-id
B9Z96X2ZQD996QY5
ETag
"98ce94687b2def8bc5e267b1b8a13714"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
18050
x-amz-id-2
Ba+n/H9oPfeHmqNS2ZCh/mt5uB/UAi4KysIT6Z87ojHfHTq2aEgySZYM3glzsXDf8awsuLbuQ+s=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DF86 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 23:01:46 GMT
encrypt
esp.rtbhouse.com/ 		369 B
643 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
751691faa151d0f7dfb720d2dd1685155988d67e7589328531ce30b7e9fa633a

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
aff4f8c448994e2b30da893a71d788a6
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ Frame DF86 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 14:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
30089
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135316
x-xss-protection
0
server
cafe
etag
9779678222609117831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 25 Oct 2024 14:40:16 GMT
syncframe
gum.criteo.com/ Frame 2B30 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=oglobo.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:45 GMT
server
Kestrel
server-processing-duration-in-ticks
331537
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
google-bidout-d.openx.net/w/1.0/ Frame 8C4D 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 26 Oct 2023 23:01:45 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
increment
id5-sync.com/api/esp/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
j
rp.liadm.com/ Frame DF86
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1698361306020&se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contr...
  • https://rp.liadm.com/j?se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&dtstmp=1698361306020&n3pc=true&wpn=prebid&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco...
13 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&dtstmp=1698361306020&n3pc=true&wpn=prebid&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Server
52.71.139.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-139-182.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
x-pixel-event-id
74f2178c-5335-4e28-bc6f-e6cf81eb6195
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
/j?se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&dtstmp=1698361306020&n3pc=true&wpn=prebid&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:47 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
ea05d466-f785-4b9a-a030-6fdc6a39498f
config.aps.amazon-adsystem.com/configs/ Frame DF86 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
f94bb0ae5532e06fa22046d489fef28ff346b0919fcededf6ce181330615b2f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:07:25 GMT
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3261
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
7KMpEwqkoWnopCOUB5PL_FGJPoqTt8NagVM4Fs5AJqEQyvqqbhHMFQ==
publisher.js
client.aps.amazon-adsystem.com/ Frame DF86 		245 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-46.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d80a526b27ab21e20dd4b921eb2c975affe2af32939538acd5a7881609035f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:32:10 GMT
content-encoding
br
via
1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
1777
x-amz-server-side-encryption
AES256
etag
W/"b17c3291864f20f0126a80c4f3251851"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
d2vJod-B6RuiDO5j_rV4kcqAy5EQlARj--klq8n1_DsiwdiQzQGRqQ==
pub
pixel.adsafeprotected.com/services/ Frame DF86 		510 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.970x250.inter,ss:%5B970.250%5D,p:/138871148,85042905/oglobo.globo.com.dw.970x250.inter%7D&wr=970.250&sr=1600.1200&url=https%253A%252F%252Foglobo.globo.com%252Frio%252Fnoticia%252F2023%252F10%252F19%252Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%253Ffbclid%253DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.11.164 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-11-164.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0c1777112b4059996b726d5a6dd5f4cf19bf28bef59d1b11c827921c1108feff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
server
nginx
x-server-name
app08.or.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ Frame DF86 		19 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:46 GMT
an-x-request-uuid
927fe208-e95d-4792-98b8-419c7995c579
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame DF86 		0
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
77
server
envoy
vary
origin, Accept-Encoding
hb
hb.undertone.com/ Frame DF86 		0
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3648&domain=globo.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:46 GMT
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-amz-cf-id
8OCLmcYMSSefvZHZGMRCV_pL0FfJi5wEbM4wrEonTWlgv_SMVjpp0g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame DF86 		358 B
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=ae0777c5-b9e7-4908-8d21-43cf5fe09bd5%5E1&rf=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&tg_i.adunit=oglobo.globo.com.dw.970x250.inter&tg_i.pbadslot=%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v6.29.3&x_source.tid=9fd2b0d1-68de-4598-8ccf-413408749552&l_pb_bid_id=83e205bd89105a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&slots=1&rand=0.7747124613218577
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3092d2490b86e1d81acb28151f6fb35e0e13c0f2c160b0fa9f2015b9212dcf10

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
358
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ Frame DF86 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
2651408db87c4f32c3899dc3ef665d15061b5eeb2d0f72ffd33c2590a6c41fb0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:45 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 23:01:46 GMT
translator
hbopenbid.pubmatic.com/ Frame DF86 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=529
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame DF86 		24 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
de4b7510e941072e71d806b1a0e7e4f22f64df777254a23ba758fdf463590cef

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 26 Oct 2023 23:01:46 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://oglobo.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame DF86 		37 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=828451&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215411804200adae%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%2C%22page%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221622115be1db21f%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22828451%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%2C%22gpid%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22hcodemedia.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%22288%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ae0777c5-b9e7-4908-8d21-43cf5fe09bd5%22%7D%5D%7D%5D%7D%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
637ff471181e622f31d83a057609a2b6a9c7d0b3128b3c4d423a811c400a25ed

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hM6Be6QR%2BsiJX0jrCJmbkAuJa2pY%2FhU8S1yE9zsOq3HeR50DA1Wq%2Fcgf2ZpcEGpGboKflD7NX1k2K53v98FobxAS65Ce5cA4w3%2FiFBWflv%2BTnoWPHAEF82uVS6HkkkpOSNRMNtP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81c652b44b201db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
/
ads.resetsrv.com/ Frame DF86 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.21.53 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:46 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
json
gum.criteo.com/sid/ Frame 2B30 		425 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=oglobo.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=oglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f539bbcde043eb264e4a4e36a90118906a5eec82dbadaf999d5b20dac906c91a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=oglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1308359
expires
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame DF86 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date
Thu, 26 Oct 2023 03:00:07 GMT
x-amz-cf-pop
FRA56-P6
age
72141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
UNv1kANL3JDxcRt6MFGwJAksLby-uEv-7eaHlopiAvJ_LZT1JnknPg==
truncated
/ Frame DF86 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23b0d76286eeab211ade48186ca338dbb0b91ee363f1f7de8b3ff0be5a8388ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame DF86 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7xkEWBPMOdIkWRxp2NIBq3oV2-R0Ulq-WotTqtB7535Ut6Q2yeS2FNsvgYuUegAXj8WGINM6jti4Kppq4ac79QuubAFiSIYUe7GD118nBPLbySX-YSqgOhvkgkd_0d-xQ7eshwod6yKSVaD0eOZDKkWJFd_6X3J3NqiqOsOwdnY8oQ-2cxpwzw1nRvN-tfxbzJX5VH_r73l9nl5HWHf1O66E--hwzZHxc9s3zLR8CLnk88dSb0O0-Oo-uaCemwRAYlALs9EsxKOW6djqg85qUQz2WoVxgrR9Fh-_V5D3Z7mNJ-HzUWZRIDmOzhzN4gYsDLOLNXv4O3jeCQJkc9x44dBuWBWrnjd0ecD8iNhMA7RNGB-gNDdUACcwm6C2FWSo&sai=AMfl-YTT-L_iyOSgXwN7jcCPSWySl-SwD9uf7jISc4ypaJNJXSyJD49y9-l_N9xK7yY9j00yIYSwxiuIc81zPG8hfQuEsQ0WIhPrltWGnXjYoG0koCa4yX_hioC-Lleme1SK4SsQA3sfwElQVForL5I&sig=Cg0ArKJSzEGxQeDqiI-REAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 23:01:46 GMT
glb%2Dpv%2Dmin.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb%2Dpv%2Dmin.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
586552385 ra03 05 02 06
age
73376
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
32545be1-895b-468d-afbd-0e2d744b6184
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0AB1D111
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 27 Oct 2023 02:38:50 GMT
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-openstack-request-id
tx3d308b9a7a58409ea2494-0064282d65
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
tx3d308b9a7a58409ea2494-0064282d65
x-request-id
3f6c8550-a649-4ea4-add2-f1d378f409b6
bid
aax.amazon-adsystem.com/e/dtb/ Frame DF86 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&pid=5hFTtXh6wQoLW&cb=0&ws=970x250&v=23.1020.1619&t=60000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
74JVWCMMJK64BTH5Y3Z2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
SNk6Rzumhit9q9gkdiGpJuq3Z9DGdNcl9MtUw0Wl2QOlJYdoxiErPw==
ww.js
cdn.ampproject.org/rtv/012310111731000/ 		51 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310111731000/ww.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
b7626b2bf7ba30dc8bba71a764785f59891c4d1a5483118f4eadf98fa983e753
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 24 Oct 2023 18:03:01 GMT
age
190726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14432
x-xss-protection
0
server
sffe
etag
"55acd835b7e83516"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Oct 2024 18:03:01 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml
step1.html
id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/ Frame 7672 		955 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step1.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.201.227 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.201.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://*.globoi.com https://*.globo.com https://local.globoi.com:8080 https://*.apps.tsuru.gcp.i.globo https://*.techtudo.com.br https://www.techtudo.com.br;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate, no-transform, no-store
content-encoding
gzip
content-security-policy
frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://*.globoi.com https://*.globo.com https://local.globoi.com:8080 https://*.apps.tsuru.gcp.i.globo https://*.techtudo.com.br https://www.techtudo.com.br;
content-type
text/html;charset=utf-8
date
Thu, 26 Oct 2023 23:01:48 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
api.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
870d9252784afb443cc7121d7359290e2f2c8b5b7c5d88676bfb4b693246f48b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-openstack-request-id
txc661d7c1560448ebac21a-00653a9dad
last-modified
Wed, 25 Oct 2023 17:08:45 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1698088203.000000
content-type
application/javascript
x-timestamp
1698253724.05481
cache-control
public, max-age=86400
x-trans-id
txc661d7c1560448ebac21a-00653a9dad
x-request-id
0a4380d7-af74-4b27-9a2e-17df720fedb9
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
583710835 ra03 05 02 06
age
73389
x-cache-status
HIT
content-length
4958
x-xss-protection
1; mode=block
x-request-id
4fcb1e41-50d2-4043-adb7-dfa741a374be
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0AB1D111
etag
W/"d90f88fa40b545a289d34957b165ffb3"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 27 Oct 2023 02:38:37 GMT
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-openstack-request-id
txb843772de37e4e038bd32-00653aef5d
last-modified
Thu, 12 May 2022 20:00:29 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1652385628.79171
cache-control
public, max-age=180
x-trans-id
txb843772de37e4e038bd32-00653aef5d
x-request-id
8735a107-dd64-4186-b50b-6192a99ec25d
globo-ab-v2.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-openstack-request-id
tx723d4d1dce49453980423-006539c47a
last-modified
Wed, 24 Oct 2018 17:17:43 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1540401462.48634
cache-control
public, max-age=86400
x-trans-id
tx723d4d1dce49453980423-006539c47a
x-request-id
c92649ae-15aa-424b-aae3-9762a9280f21
globo-ab.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-openstack-request-id
txb4e1ce78ff05423bb105e-00653aef72
last-modified
Tue, 19 May 2020 15:37:59 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1589902678.74751
cache-control
public, max-age=180
x-trans-id
txb4e1ce78ff05423bb105e-00653aef72
x-request-id
e3c16ffc-5441-4d58-9bbb-a0ec6273565f
cdb
bidder.criteo.com/ 		0
195 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.17.0&cb=89887906580&lsavail=1&bundle=2pJ8J19aYVNOUG13Rms5Zlg0cDRRZm4xV1ZCQ1BLeFFhUVVtQmE0bFNoNlM2ejlUUzFjWVRSM0ViczJ0cWtNWGNFaldSdDhjbzlNRkNlUk1vT1VEQ0dOZzVYOVBDQmxkVGlMczFZQzlWJTJCY2Q3UzNYRnQlMkZlaGFtVHh5aE5lZEJ2SDhDVmt5M3VNb0k4N2FaVHVZJTJCWmNMeWsxdkElM0QlM0Q
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
s.seedtag.com/c/hb/ 		11 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
1.1 google
server
openresty
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg.smartadserver.com/prebid/ 		0
338 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.59 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:46 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
583 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:47 GMT
an-x-request-uuid
b6b3949c-06d9-4c45-a74b-dd96db24ecdc
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		635 B
669 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398992&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=98536ede-4442-4946-ba86-d40cee812f74%5E1&rf=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&tg_i.domain=oglobo.globo.com&tg_i.page=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&tg_i.adunit=85042905_info.web.oglobo%2Frio%2Fmateria&tg_i.aupname=%2F85042905.*%26.*top.*&tg_i.pbadslot=%2F85042905%2Finfo.web.oglobo%2Frio%2Fmateria%23mc-container-top&tk_flint=dmpbjs_v8.17.0&x_source.tid=a3bf9b84-63c4-4f2e-a478-e6067901d27b&l_pb_bid_id=1051b0f3b842739&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=47be4ba9-345f-4932-85b3-70dcd496a197&rp_maxbids=1&p_gpid=%2F85042905%2Finfo.web.oglobo%2Frio%2Fmateria%23mc-container-top&slots=1&rand=0.49390826088459483
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c7697ac4d867ff6d0ccf97c2a342c11006e9ab74c609cae61deffa4a4a95b79c

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:47 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
635
expires
Wed, 17 Sep 1975 21:32:10 GMT
cacheableShow
buy.tinypass.com/checkout/template/ Frame E9E6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff86791027138660afd5f4e533f066204d4fa2a9ce522be16e90a5fbcefd40c8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
81c652babee92c3d-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Thu, 26 Oct 2023 23:16:47 GMT
last-modified
Thu, 26 Oct 2023 23:01:47 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.001
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-119-207
x-forwarded-https
on
x-request-id
Mzyr53saMhk
x-xss-protection
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 095D 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6838f52c5089098479e6ca29e91f152a6642ccffd32a9d8f77cce14db258b0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
81c652babeeb2c3d-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Thu, 26 Oct 2023 23:16:47 GMT
last-modified
Thu, 26 Oct 2023 23:01:47 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-113-93
x-forwarded-https
on
x-request-id
Mzyr53ssbca
x-xss-protection
0
__inventory.gif
query.petametrics.com/v1/ 		35 B
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v1/__inventory.gif?ts=1698361307315&jsk=2v84n8g15c1895dv&jsv=20230912&cu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&item=%7B%22section%22%3A%5B%22Rio%22%5D%2C%22type%22%3A%5B%22article%22%5D%2C%22description%22%3A%5B%22Quatro%20policiais%20civis%20em%20viaturas%20da%20Delegacia%20de%20Roubos%20e%20Furtos%20de%20Cargas%20escoltaram%2016%20toneladas%20de%20maconha%22%5D%2C%22title%22%3A%5B%22Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22site_name%22%3A%5B%22O%20GLOBO%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fs2-oglobo.glbimg.com%2Ff9rY6ct6lIp_-_B088j6FBWv5tY%3D%2F600x0%2Ffilters%3Aquality(70)%2Fhttps%3A%2F%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2023%2FB%2Fa%2FXSu2nSQEe2hGS4B4Q1Ng%2Fwhatsapp-image-2023-10-19-at-09.12.36.jpeg%22%5D%2C%22image%3Awidth%22%3A%5B%221200%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%5D%2C%22id%22%3A%5B%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%5D%2C%22authors%22%3A%5B%22Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares%22%5D%2C%22published_time%22%3A%5B%222023-10-19T07%3A21%3A17-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222023-10-19T15%3A05%3A03-03%3A00%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fs2-oglobo.glbimg.com%2F3N6pxdETWTy2mZ77Tqi7LXI4rsc%3D%2F145x87%2Fsmart%2Ffilters%3Astrip_icc()%2Fs2-oglobo.glbimg.com%2Ff9rY6ct6lIp_-_B088j6FBWv5tY%253D%2F600x0%2Ffilters%253Aquality%252870%2529%2Fhttps%253A%2F%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2023%2FB%2Fa%2FXSu2nSQEe2hGS4B4Q1Ng%2Fwhatsapp-image-2023-10-19-at-09.12.36.jpeg%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fs2-oglobo.glbimg.com%2FPRu2CcLsdE7DWmMOWkvtv6alM3c%3D%2F105x105%2Fsmart%2Ffilters%3Astrip_icc()%2Fs2-oglobo.glbimg.com%2Ff9rY6ct6lIp_-_B088j6FBWv5tY%253D%2F600x0%2Ffilters%253Aquality%252870%2529%2Fhttps%253A%2F%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2023%2FB%2Fa%2FXSu2nSQEe2hGS4B4Q1Ng%2Fwhatsapp-image-2023-10-19-at-09.12.36.jpeg%22%5D%2C%22categoria_materia%22%3A%5B%22%22%5D%2C%22category%22%3A%5B%22oglobo-rio%22%5D%2C%22protected%22%3A%5B%220%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%2C%22tag%22%3A%5B%5D%2C%22content_type%22%3A%5B%22noticia%22%5D%2C%22opinion%22%3A%5B%22false%22%5D%2C%22content_tier%22%3A%5B%22%22%5D%2C%22location%22%3A%5B%22country%3Abrazil%22%5D%2C%22publisher%22%3A%5B%22%22%5D%7D&ttl=0
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
gtm.js
www.googletagmanager.com/ 		367 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
37d264524d1d0552a18a0b060154f1cc06b99c57fd60bfdfff5262c195465c43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99317
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 22:26:03 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 23:01:47 GMT
ns.html
www.googletagmanager.com/ Frame D1E8 		934 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/oglobo/prod/lib-pub-relay-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
7bab8552ef40273d5c6b442e9e2ef67622abba0557dbf06361eb72ddd237adfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
247
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
config
c.amazon-adsystem.com/cdn/prod/ Frame DF86 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
2e68bdf94f42cdc9bcb7fb6471cc82bbdf3cee353dae1e5760a5d7068d9de1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 20:18:03 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
9823
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3753
x-amz-cf-id
NXwq4bvcgDxHWCFYRdI6jqxKzBZ8J4MoKcKqqqgU6Zs-OyhhKouzDA==
ads
securepubads.g.doubleclick.net/gampad/ Frame DF86 		31 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3342239636537992&correlator=3354398553956005&eid=31078136%2C31078932%2C31079072&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.970x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250&fluid=height&ifi=1&didk=145511691&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c4527b28f861de0%3AT%3D1698361305%3ART%3D1698361305%3AS%3DALNI_MbMrATG-CZl3k8e9UCgtgzKkTBCVA&gpic=UID%3D00000ca9fd040cec%3AT%3D1698361305%3ART%3D1698361305%3AS%3DALNI_MaRMr9VQqPMTXEkFpMQOzPmPmbpgA&arp=1&abxe=1&dt=1698361307372&lmt=1698354107&adxs=315&adys=3273&biw=1600&bih=1200&isw=970&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=2ydwsdh53xp3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ref=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&top=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&vis=1&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1412995754.1698361307&ga_sid=1698361307&ga_hid=897934973&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYhtPj8bYxSABSAghkEjsKCnB1YmNpZC5vcmcSJDk4NTM2ZWRlLTQ0NDItNDk0Ni1iYTg2LWQ0MGNlZTgxMmY3NBjx1ePxtjFIABIdCg5lc3AuY3JpdGVvLmNvbRiG0-PxtjFIAFICCGQSFwoIcnRiaG91c2UYhtPj8bYxSABSAghkEhkKCnVpZGFwaS5jb20YhdPj8bYxSABSAghkEhQKBW9wZW54GIXT4_G2MUgAUgIIZBIbCgxpZDUtc3luYy5jb20YhdPj8bYxSABSAghk&dlt=1698361305758&idt=119&prev_scp=refreshcounter%3Doriginal%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&cust_params=safeframe%3Doff%26hcmschain%3D288%26mycodedomain%3Dglobo.com%26amznbid%3D0%26amznp%3D0&adks=939703275&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
241186f85b02a24871a6d908b63f204132bec070ff700b175d3bcf0b3f12094a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13469
x-xss-protection
0
google-lineitem-id
5770955185
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360694999
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DF86 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
70ebb327d7038dbe26f13b6f8688b65d77c4f46fe565fbe7d0d9302895407871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12242
x-xss-protection
0
container.html
05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A77 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Fri, 25 Oct 2024 23:01:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame DF86 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 26 Oct 2023 23:16:47 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame DF86 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
75510
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
V7hI1R3a21exnp0pgdbXnUAz0gsIt6Q-3OSUe_5tzqxtBU0edjiS1g==
hadron.js
cdn.hadronid.net/ Frame DF86 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ref=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&_it=amazon&partner_id=407
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
532
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
81c652bd6b931c44-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
92bb6886-83
aps.zqtk.net/ Frame DF86 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame DF86 		142 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
85VX6K1WK8KDXANP
age
1717
etag
W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81c652bb586bbbd9-FRA
x-amz-id-2
XoyjN5eBRzfOYVg1sA8PuP1xV7Bk9Ddn9XrM7czqjwc2gKMasduypuLFDauD22XD4HObGvPwd34=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame DF86 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 26 Oct 2023 23:16:47 GMT
map
bcp.crwdcntrl.net/6/ Frame DF86 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.64.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fbd5253e9e6e0032c6be10c874eba8c316a8e0adc387831f46416661b1908c38

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.5.184
access-control-allow-credentials
true
content-length
60
expires
0
schemas
horizon-schemas.globo.com/ 		148 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
f27df02646b039f3416255bfd9722fc82e64ce1ea9bf34443da85cf4a681d194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
via
2.0 CachOS
x-bip
8332269 asra01mp14lx02ca01.globoi.com
age
7166
content-length
13969
x-request-id
66e33acb-e10f-4c07-ba84-04939728bbd8
x-thanos
0AB0D094
vary
Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=7200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame E9E6 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2203
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-143-107
server
cloudflare
etag
W/"26850-1698026220000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
81c652bbafa92c3d-FRA
expires
Fri, 27 Oct 2023 01:01:47 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame E9E6 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1464983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBOMae5RV4LuhpsfIeePr6lUQmPPfjXd9F5mdD21TJGc0Hzs0WTVZ2bOg2%2F%2BOrnLgelKhnjZplZZErKOqQANAVZEt0GWCte26SJ3A%2Ba3Ss9fyjZp8ae6DH0Os9Ea2pb%2B5Smw7Aqo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf863808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame E9E6 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3125397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5Dm1Jy0tBd7aEnzCDJklAIaJTSZMy%2BnjVUiuNStf9CeyG3WP2V5RJKxF6r7SDh0rcprpRn9t%2Bc7r0CBscCOOU55KUE9xcJPAd%2FYCjcdIaPNLGaxpXCapN6pMut1JxFc0tfzn%2F2k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefcb3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E9E6 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1463949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRNcNqD5U%2B4DTDDHUwg698fcbuOtmDs7vLDQQg%2FxQcA4YApa4iDlgoorng4U7hwCEhZyyxH5ZtEfPLvewUPPyhYi%2BUBQB02qCK34lyh0%2FmMNHLa%2Fbxx%2B3D8YQG8nIZDYpvMOrXgC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefca3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E9E6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
185111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxljfGDF2dGDjebZz8TYtoSsSNPMmvG7ICzbq1%2FTW%2BruK72%2FM9q0qeZ4eJS2F1Kf8ZlT69ujnG21vNeMNbgp6ZFnABoypeDLP2Q85JwVXF%2BAu8qXcA1QDChfGTeJtKSSkTqNwTP%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc93808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E9E6 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6114414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-1b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WnZeB4O%2FvCnCV1brBniuuT3PfMfcB9wJvBkUaPyF3SkQp7WFucMd0htvyKfA2B8ef7xyupxox4Fav4TqYYDvEutnHBfgYrGrJITErBo2ltoYwChCQZcx5lyqCO0AUhdsSaozDL4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc83808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame E9E6 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1620042
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTtfQKdpg3OjxtkvpV8xkTkuQZvnPmk9MuoZvOe2a0nSG7tauBTc5M1F8NuugHnraKPJ9utuNFTriTdPZNFXiM3nqgKBVpVRXeNr1RFjmNSr18dShzHj2odKq7MKu%2BOrYoW4t8Y5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc73808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame E9E6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12888995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4RjdYHZ0lJd%2Fj05nIgZI3IdLh%2BHPigmVXpYyoUF9ckaKbWEyAiYLyPbaTfQM%2BycZ7oUwnTkXYmxVU%2FV9ix3hmkknxQkBB3YUwO2BzA04ImpTTvzDDLiTS6q0bg1QB3H3voAYcxA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf8a3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame E9E6 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15758344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lOH%2BFyL4EmX81JKSyKoUdjhdLAbvXsAVOAbaRe5uCS%2BNCV4HAoy434KrUU%2FD9nEHW7a6NzUhDTCvvhK5LpSK51iV6rrUe38UDa6obVdrjXtJjFFGIrKU5RoS2e5SA%2BmLb916g%2B8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc33808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame E9E6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5937115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
911
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-38f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rzIn4WmHluE2ySjYmDNgugTwHxtzBypATYmNF%2B4Q8JwL82dmgVOTACCJpECMN552YJpDCa4fzVeenEdXG%2BlnfOUh1xXnfmoo5qxhLie%2FRsYYvLOo78hKMRtktemwGgT7uXS07iD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc63808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame E9E6 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8557079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6935
last-modified
Thu, 22 Jun 2023 10:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494262f-1b17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsgJuLZYPbhHdpR6m%2BAQF1eAVkLMfdO9jZr%2FiiguKSASMPyV9%2Basg6gMvO4JCI1OXl0YcjOzzJy91TYhnbYdIr7hY3SbvymW%2FnaK51Mw4XCr10Gkg2EqLXQN89tTdJRWMCARkENQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc53808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame E9E6 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=pt_BR
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mzyr53sce2c
pragma
wn
prod-dash-10-0-119-207
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
81c652bbafb22c3d-FRA
expires
Fri, 27 Oct 2023 19:01:47 EDT
platform-translation-map_pt_BR.js
buy.tinypass.com/ng/common/i18n/ Frame E9E6 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_pt_BR.js?version=16.29.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42089c06ddf7f8f081e655b3538b4e3cc7a2d932bb3ea30965bf7e3c9d5422b5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
38198
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-134-198
server
cloudflare
etag
W/"143181-1698026220000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
81c652bbafb32c3d-FRA
expires
Fri, 27 Oct 2023 23:01:47 GMT
H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA
buy.tinypass.com/_sam/ Frame E9E6 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=16.29.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed24c81f8f95e519a9703a474c7b15b7c6f3413d346332190b01a3ee86e59a2b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
596
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 13:33:22 GMT
wn
prod-dash-10-0-91-21
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604204
cf-ray
81c652bbafb42c3d-FRA
expires
Thu, 02 Nov 2023 22:51:51 GMT
css2
fonts.googleapis.com/ Frame E9E6 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 22:16:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 23:01:47 GMT
style.css
buy.tinypass.com/checkout/template/ Frame E9E6 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
81c652bbafb12c3d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 26 Oct 2023 23:21:47 GMT
footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/Footer_Piano/Gabigol/ Frame E9E6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/Footer_Piano/Gabigol/footer-desk.gif
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
9a1e01c462c07c1fb53698e6ddb13d646c69e45b0bc68aaa77b9b938a1bcb47d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
x-openstack-request-id
txddb853331bab49809899e-00653aefc7
last-modified
Fri, 04 Aug 2023 20:28:19 GMT
x-thanos
0AB24042
etag
88b30bab4a792405f54fe17030d3599c
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1691180898.00849
cache-control
public, max-age=180
accept-ranges
bytes
content-length
6883
x-trans-id
txddb853331bab49809899e-00653aefc7
x-request-id
d13ad549-1f2b-4e6e-885c-c350510374d9
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 095D 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2203
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-143-107
server
cloudflare
etag
W/"26850-1698026220000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
81c652bc0fff2c3d-FRA
expires
Fri, 27 Oct 2023 01:01:47 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 095D 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1464983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsfpZBUu4YkoWQwwNKENOH0gJiv7j5FGgzjx%2BCNCIbB6ZSWNp8Y%2Bx84uGgX1Ym3zfSL3nBUM%2BMhhpzAAaqmdVYHij67MBMd4EindHIJLb3UL8Sj6%2BzVMpCPIVsIyS%2BRtqXgFdszo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf923808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 095D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3125397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rORHwF53CDY7Sbe7IUzJSpSckXxLEuPw8fK7zhizGzNzg%2FwC94UGqJcCdAz9Al7C8zeYaHVvUcUos29azZNTlMDPW6I9ZfVN0MG90hrCixNI2JbhuwsG9YiQsSPcXVUZGmwwbVE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf903808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 095D 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1463949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdP1%2BeLm34TnPXLTBkrAE1UJSakI78SOkSFLyDFJYsxB7KsmWx3GBnufCs%2BNHvuBBkRnq3bl9uUnGkFge49hdrIlALjP%2BKsr1M3NktPxKhTA7rw5HwFskWDmasuRnD2JhWKt97JX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf8d3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 095D 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
185111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQaDG4iz225VWATGCUIGTWmkgjgMSZ%2BUzZUg8OWY%2BWhITF%2B7i4YjXUr1FDt4p2ia%2BYy%2B5yTKTdNqw4PmPTRjYXeMG50g87KtGs3tpfbX9xhKOmw2wh7yM5kNYoI3B9ZoqWpZi%2BFV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefbd3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 095D 		825 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6114414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-1b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfcNAYj8HmMRAEetxM52W724kOxDbDbO%2Bms5ufaLEe5CU%2BC0pHY7Iz6k4oHjaUdKWeCW5j41Zg9u8qjUxnUt7upjmNSpTWxt%2FvNSTeq3oAoXP%2FaJ2SA3BN0mnBAHY8rHIy9WBsrD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefba3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 095D 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1620042
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypsThNYeLfdJg4ZEz1KPhhdXsPyj4hrusdZvGR7wwBbn5HGUy8wssmMTNqpmn9yDN6jN8K826HW7XWWhpM%2BjiF4LNbLuc762oHwv5Qjwr50iXc%2F4gu%2FTB4i1agfu83phqRQKYOUz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf993808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 095D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12888995
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yURwqz7oJLwMPuqCNXkIKxMCxqiskTYubPY1Vvk1Hh%2Bg%2FYFmkyJ28JPF2L7saeGSd%2FYoKdq%2B1eM%2FLtWYhzzDvh%2BCSPwpKu%2Fi0HIQiKWwV14N2O%2F%2F0%2FwXmNvU%2FKfjMbhHa%2BFqcJTC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf973808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 095D 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15758344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq8jPyHZY5xkgVo4YHOlX2KinbHEYM3H0ebCylNbIatL%2BvtlNiQyHJbhkuGnBpwQIwLfygzi9TgZEvG2zu%2B1sSKjFRcUhbgJFtbh2Ql8NWz%2FobCntmiVb5%2BJNkmqGl7Vbk6QEJE1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bddf943808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 095D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5937115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
911
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-38f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVkxFqjPHcFXjwX6hFMYjP9MkJgb9T4ahds4k1QSufY%2FSBMNdlN9rLnGPZDzuhAPU%2BbTX7%2Fi%2B%2BelNy28l50AANqk%2BtZutQrrq0kCD%2FSQdRoK36vQSl1AJR5juLSh6aBGeqn7uRtU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefc13808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 095D 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8557079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6935
last-modified
Thu, 22 Jun 2023 10:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494262f-1b17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FHkX%2Fj%2F0Eg1SLJW%2FgrT57C2SdNsY1tTvEYhQdfY92VfpPk8eZxL8r%2BTM57ncQrW7drF8qhqIO865YETF%2BMCzpEaosnLTJR7YiDT3fEi%2F4Zo2zNRSHeDwvFEvkQQCzoRnxN%2Fkg5h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652bdefbf3808-FRA
expires
Tue, 15 Oct 2024 23:01:47 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 095D 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=pt_BR
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mzyr53st1do
pragma
wn
prod-dash-10-0-119-207
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
81c652bc08022c3d-FRA
expires
Fri, 27 Oct 2023 19:01:47 EDT
platform-translation-map_pt_BR.js
buy.tinypass.com/ng/common/i18n/ Frame 095D 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_pt_BR.js?version=16.29.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42089c06ddf7f8f081e655b3538b4e3cc7a2d932bb3ea30965bf7e3c9d5422b5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
38198
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-134-198
server
cloudflare
etag
W/"143181-1698026220000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
81c652bc08032c3d-FRA
expires
Fri, 27 Oct 2023 23:01:47 GMT
H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA
buy.tinypass.com/_sam/ Frame 095D 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=16.29.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed24c81f8f95e519a9703a474c7b15b7c6f3413d346332190b01a3ee86e59a2b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
596
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Oct 2023 13:33:22 GMT
wn
prod-dash-10-0-91-21
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=604204
cf-ray
81c652bc08042c3d-FRA
expires
Thu, 02 Nov 2023 22:51:51 GMT
style.css
buy.tinypass.com/ Frame 095D 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
81c652bc08012c3d-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 26 Oct 2023 23:21:47 GMT
css2
fonts.googleapis.com/ Frame 095D 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=ADLaM+Display&family=Merriweather&family=Open+Sans:wght@300;400;500&family=Phudu:wght@300&family=Poppins:wght@300&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
d409a0633bf4577a8909f931efc35791643cd52e5db259a4ad8588e98dc6e929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 23:01:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 23:01:47 GMT
unlock%20(3)%20(1).png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/barreiraNewsLetter/ Frame 095D 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/barreiraNewsLetter/unlock%20(3)%20(1).png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
0ba44cc22b30c7ef8e540e50e57a2ebde74fa5e1cbf1fc41778e01e97ef1811e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
x-openstack-request-id
tx223a743b86534a6186264-00653aef7d
last-modified
Wed, 11 Oct 2023 14:44:51 GMT
x-thanos
0AB24042
etag
bfa02be7eaf6a57b40f0ed0714fe26f3
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1697035490.04973
cache-control
public, max-age=180
accept-ranges
bytes
content-length
1276
x-trans-id
tx223a743b86534a6186264-00653aef7d
x-request-id
86ad0906-3dcf-4adc-aabb-5957c7860c82
104721934-the-security-council-votes-on-a-draft-resolution-on-the-situation-in-the-middle-east-the.jpg
s2-oglobo.glbimg.com/luV6g1bCr2sMrvf5iV-zVbIgs5Q=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/i/c/K8jVKiSvyivot6n822UA/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/luV6g1bCr2sMrvf5iV-zVbIgs5Q=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/i/c/K8jVKiSvyivot6n822UA/104721934-the-security-council-votes-on-a-draft-resolution-on-the-situation-in-the-middle-east-the.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
cf31a053caf064aa8c0088c7b460619ed811b3379e5da3277b44ffec7e53d543

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
542740836 ra09 20 01
age
257939
x-cache-server
thumbor/nginx-cache
content-length
44004
x-cached
HIT
x-request-id
aaeeb55c-3aba-46fb-8e52-2db45fb8e79e
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"3b4803f6e6792b669a4c8b1c0c3800969f7495a6"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 22 Nov 2023 23:21:13 GMT
whatsapp-image-2023-10-25-at-16.17.57.jpeg
s2-oglobo.glbimg.com/7lxMpK648vo0IVE2zR0ebrG5NLQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/i/6/tCzwgXTJe1IgxOuWOxNg/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/7lxMpK648vo0IVE2zR0ebrG5NLQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/i/6/tCzwgXTJe1IgxOuWOxNg/whatsapp-image-2023-10-25-at-16.17.57.jpeg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
7fb6cafd25204c08e023979c7b5715b5fefb88ae7291be72639841738b767400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
555038504 ra09 20 01
age
99087
x-cache-server
thumbor/nginx-cache
content-length
25860
x-cached
HIT
x-request-id
8df9f2e4-f599-4c30-bd11-c68946751f30
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"a4d80a1cd97eb2fa0225648642d7099060779ae4"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 24 Nov 2023 19:28:16 GMT
arte-3-.png
s2-oglobo.glbimg.com/mk9EDvsj4x5W5R48Y7H1NL5fBsk=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/m/g/AoWoQMSQy36qS0S5aNqw/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/mk9EDvsj4x5W5R48Y7H1NL5fBsk=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/m/g/AoWoQMSQy36qS0S5aNqw/arte-3-.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f09f980e23145b9675c2817230abbd93909299ca085bf1f05aa137d8b47d441f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
556473171 ra09 20 01
age
484
x-cache-server
thumbor/nginx-cache
content-length
15890
x-cached
HIT
x-request-id
6197a3ed-5c36-4eca-9384-5f08b72d0b74
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"ebcc9e99f578b8189f5ed3b11355c1f9e202502b"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 22:51:21 GMT
fb1719bb-7406-477e-9bda-b5f0b4f27de1.jpg
s2-oglobo.glbimg.com/xx9HpiL4gBAsjWvQfPPhbjBpni8=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/I/b/4FCog6REaIKswBgKKPqA/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/xx9HpiL4gBAsjWvQfPPhbjBpni8=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/I/b/4FCog6REaIKswBgKKPqA/fb1719bb-7406-477e-9bda-b5f0b4f27de1.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
349a9300531f74e6fd0ad228702eedeff234c0e98b2f9a53f79941ac329c8247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
530631558 ra09 20 01
age
94564
x-cache-server
thumbor/nginx-cache
content-length
47118
x-cached
HIT
x-request-id
0af9513e-0f24-4003-b99d-e11d6d2c7525
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"6942b666f057bbe9fb5263977eac297fa15026f0"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 24 Nov 2023 20:44:58 GMT
104816182-topshot-a-law-enforcement-official-moves-a-road-block-into-place-blocking-the-road-t.jpg
s2-oglobo.glbimg.com/HNsPLdmuxYkJg4acaF5VAroKgHU=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/Q/r/Ml7FpzTgyHBxf7GuhJ8g/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/HNsPLdmuxYkJg4acaF5VAroKgHU=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/Q/r/Ml7FpzTgyHBxf7GuhJ8g/104816182-topshot-a-law-enforcement-official-moves-a-road-block-into-place-blocking-the-road-t.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
2547cb8f7cd698f78c49f604d2ec948844529dd35b253d6257bec9fd5f80ce37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
542740837 ra09 20 01
age
2020
x-cache-server
thumbor/nginx-cache
content-length
16874
x-cached
HIT
x-request-id
8e40871d-13a0-402c-bb92-1cf2ed0d2dfd
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"4c66c4752bcce6e96d54a651e343a65a5ca8d5f1"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 22:27:51 GMT
silvinei1.jpg
s2-oglobo.glbimg.com/1Jo8MOB0ArOu1DuoWce0CTvCnoM=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/I/a/eAOu6mRGAmdIZdZGBdmg/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/1Jo8MOB0ArOu1DuoWce0CTvCnoM=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2023/I/a/eAOu6mRGAmdIZdZGBdmg/silvinei1.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
6c6b1c93c9ae9d22f80b9bed89359bbe511d625cc7c685c9f6c37a9beffc0680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
555038505 ra09 20 01
age
892
x-cache-server
thumbor/nginx-cache
content-length
14750
x-cached
HIT
x-request-id
fb9a0a79-7082-4e95-8ba4-e91a2ad8f54e
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"4ec709f2055f34ba67baa484918369d9a9708176"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 22:42:54 GMT
100180551-ri-rio-de-janeiro-rj-16-08-2022-bndes-predio-do-bndes-na-avenida-chile.-fotos-de-fabio-r.jpg
s2-oglobo.glbimg.com/8-WooJcs4dVNjtzolKTBIxAu7r8=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2022/W/G/vhzsw3TX6cBktpp1omnQ/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-oglobo.glbimg.com/8-WooJcs4dVNjtzolKTBIxAu7r8=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/internal_photos/bs/2022/W/G/vhzsw3TX6cBktpp1omnQ/100180551-ri-rio-de-janeiro-rj-16-08-2022-bndes-predio-do-bndes-na-avenida-chile.-fotos-de-fabio-r.jpg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
69a3cb12deceb66bc0c6e0fc50c30e892d7e73d4001a79d8b7332d4932e8209f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
via
2.0 CachOS
x-bip
556473172 ra09 20 01
age
2614
x-cache-server
thumbor/nginx-cache
content-length
31390
x-cached
HIT
x-request-id
c0051b3d-4361-47fe-8f6f-88b66247c76f
x-forwarded-host
s2-oglobo.glbimg.com
x-thanos
0AB4D003
etag
"b1a73e798c4c787262116bf0b4824e637aad1296"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sat, 25 Nov 2023 22:16:04 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame DF86 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 26 Oct 2023 23:16:47 GMT
login.css
s.glbimg.com/pc/ca/ 		846 B
915 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
544974286 ra03 05 02 06
age
73390
x-cache-status
HIT
content-length
419
x-xss-protection
1; mode=block
x-request-id
0b02f0a0-c6ce-4c9d-95d7-c6e3463d13c6
last-modified
Fri, 11 Nov 2022 21:56:44 GMT
x-thanos
0AB1D111
etag
W/"263666896930a877f4ad09cc6d6e75ea"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 27 Oct 2023 02:38:37 GMT
logged
cocoon.globo.com/v2/user/ 		188 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3f90f532523d2d2ca759f623769330937fae4cc7e7917ae2d54d121beaded708

Request headers

Referer
https://oglobo.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
via
1.1 google
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://oglobo.globo.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logged
cocoon.globo.com/v2/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
86.153.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Oct 2023 23:01:48 GMT
server
nginx
via
1.1 google
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:oglobo:desktop:multicontent:ep/ 		163 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:oglobo:desktop:multicontent:ep/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.52.213 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.52.198.35.bc.googleusercontent.com
Software
/
Resource Hash
d8ed0cd9845e1bae3f6c1a630b35533038bcb495b67dce6633d453cacea1f8f0
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
trace-id
52f6ae14cc632d69
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:oglobo:desktop:multicontent:dinamico/ 		169 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globo-mab.globo.com/mab/bastian-advwblt-r5:oglobo:desktop:multicontent:dinamico/chooseAndIncrement
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.52.213 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.52.198.35.bc.googleusercontent.com
Software
/
Resource Hash
d13109aed7495008b024a898a42be44994ca8de5615734a6e238966435e10c47
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=300; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
trace-id
1ac4a9c16f3ab57e
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
view
securepubads.g.doubleclick.net/pcs/ Frame 3951 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuakiEjzQRfzixBbUJ3bFY6fKtpnMgi7uODFb999NesLESbeDHxmb6cZ8YnAFN4kgn3tpz_Lx6lB-ANME4kvVcPmPeW5mdes_WKWTBdTE-uk71C1tDtSLZl2iacG63Pb7HbiEFNbAa5PchqoCkWHDBua_LdMSb94UgzvK71slBixeSMl1DzngjycZF5PzKaAbMjmhc1sOA77kZzvOfCYPEUoy8iIXEt83wHqigMsviF4N-Eg0YVOiPBagDFgH-WsFNk4wiII6Ul6lq3Ai22BKvObV7YCr-0VNQ8V0fZ_M4KkJexDKPgrUhvV6YKl0jFfhuXoCAwAmJSuyFCkdZMrcQKrqRI59MG-yQvQGOw1bGG82FFsQRTQoboC-c_4NtP4ZEyg&sai=AMfl-YRg_fWEGcQGgm8d1Y4c03tZaO6Lk3NmtwPj-HMdU8gmkm5kBnyijXPyqJPzxalFj05pTHUy6-Ih_s6bR8lUKDndFib-hNxdBBWur_dN34InJ39dPJhNMh0vM9kGaQ&sig=Cg0ArKJSzNwtC26h9jGHEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a9floorcheck.js
s3.amazonaws.com/script-tags/ Frame 3951 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.204.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ff1f3fd5c645b504972939187912b4404dfdb1fae2e9f864fd1961b07680d684

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:48 GMT
Last-Modified
Tue, 07 Mar 2023 01:43:53 GMT
Server
AmazonS3
x-amz-request-id
S64FKDKFWREYYHDG
ETag
"25a66c3765b63515e5b06ddc75a35c84"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1319
x-amz-id-2
6g0vpMLojU3ioTLC96EK9PWrZvpcbyR07uA926lk+0iuLg+BKSvF5AuVPZul0dm6MxPOvOiXRVk=
prebidpubs.js
s3.amazonaws.com/script-tags/ Frame 3951 		438 KB
438 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.204.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
580c9732728168b6d52d88b58a1a89c30284ccf6e452ad49e00efd70714b9be8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:48 GMT
Last-Modified
Wed, 14 Jun 2023 17:56:49 GMT
Server
AmazonS3
x-amz-request-id
S642586H5Y2XNYJW
ETag
"363f3fe2b64366629bb3b4b1144491c7"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
448035
x-amz-id-2
vz1d4g4dXP25GVKNUboeYr+rGhK0wm9BcgoYIbbpy9fdqZ6LZw5Bkj6FGWxZbPS7BMLjzUyIm1g=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3951 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 23:01:47 GMT
ns.html
www.googletagmanager.com/ Frame BB17 		268 B
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame B95E 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame BB65 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-P4R423&restrictions=&gtm.url=https%3A%2F%2Foglobo.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-P4R423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DF86 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js?cb=31079072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 23:01:48 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2341082111872422&correlator=2974045566059698&eid=31079125&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Crio%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C970x250%7C1x1%7C970x150%7C1190x250%7C1190x150&ifi=2&didk=3740535728&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c4527b28f861de0%3AT%3D1698361305%3ART%3D1698361305%3AS%3DALNI_MbMrATG-CZl3k8e9UCgtgzKkTBCVA&gpic=UID%3D00000ca9fd040cec%3AT%3D1698361305%3ART%3D1698361305%3AS%3DALNI_MaRMr9VQqPMTXEkFpMQOzPmPmbpgA&arp=1&abxe=1&dt=1698361307831&lmt=1698354107&adxs=315&adys=268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&vis=1&psz=1600x250&msz=970x90&fws=4&ohw=1600&psts=AOrYGsnY9hWgGPcUyOkaaRnxt5Jd05I_-IbwSa6DLffPIXTZekj6225YizsYrIKYygZJl6hiB95I8EftybTGhUZJXglRnsZLdVgT&ga_vid=233865381.1698361305&ga_sid=1698361305&ga_hid=406410932&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYhtPj8bYxSABSAghkEjsKCnB1YmNpZC5vcmcSJDk4NTM2ZWRlLTQ0NDItNDk0Ni1iYTg2LWQ0MGNlZTgxMmY3NBjx1ePxtjFIABIdCg5lc3AuY3JpdGVvLmNvbRiG0-PxtjFIAFICCGQSFwoIcnRiaG91c2UYyNbj8bYxSABSAghsEhkKCnVpZGFwaS5jb20YhdPj8bYxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWFXSmhSemhLUjA1U2MwTTBUV3Q1VFRsUGQxZHZkejA5SW4wPRiv1uPxtjFIABIbCgxpZDUtc3luYy5jb20YuNfj8bYxSABSAghq&cbidsp=CsUBCAESFQoGY3JpdGVvEJkEIAJSBmNyaXRlbxIXCgdzZWVkdGFnEOYDIAJSB3NlZWR0YWcSIwoNc21hcnRhZHNlcnZlchCcASACUg1zbWFydGFkc2VydmVyEhgKCGFwcG5leHVzECQgAlIIYXBwbmV4dXMSFgoHcnViaWNvbhAnIAJSB3J1Ymljb24YAiIkNDdiZTRiYTktMzQ1Zi00OTMyLTg1YjMtNzBkY2Q0OTZhMTk3KgQIAyAAMgd2OC4xNy4wQKwbSgA.&dlt=1698361302991&idt=2438&prev_scp=Editora.pos%3DTop%26rc%3Dmc-container-top_0&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D7%26Editora.url%3Dpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1698361304960%26prmtvvid%3D%26prmtvwid%3D&adks=3937151956&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2e75a16aa7dfdd7077c391823eb4ebd9caf0fa95d94011c9c32530b9f98852b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15974
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
80bb2e91-1b13-4386-aa90-9dc2ee652a65
https://oglobo.globo.com/ 		51 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://oglobo.globo.com/80bb2e91-1b13-4386-aa90-9dc2ee652a65
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d713909b911eeaf4131716dd697f841431e039e3bb9c6432a5553df9accaa3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
52052
Content-Type
text/javascript
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame DF86 		190 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 26 Oct 2023 23:31:48 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame DF86 		105 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=407&sync=0&domain=oglobo.globo.com&url=https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ref=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&_it=amazon&partner_id=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a16e1a98ca7a7675c9a984f427dcdc3000a4448ae4efdb9ba53b7a029a96a4

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
81c652c18dad3685-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=407&sync=0&domain=oglobo.globo.com&url=https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
81c652c0dd423685-FRA
content-length
0
content-type
application/json
date
Thu, 26 Oct 2023 23:01:48 GMT
debug
OPTIONS block
expires
Fri, 25 Oct 2024 23:01:48 GMT
server
cloudflare
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 26 Oct 2023 21:51:32 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4216
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 26 Oct 2023 23:51:32 GMT
destination
www.googletagmanager.com/gtag/ 		242 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-SL5WEXQ2G6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
ae4ccd04857833bd4bfd7943677e73432c2463a113c4537b7e80521da543121a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 23:01:47 GMT
gtm.js
www.googletagmanager.com/ 		162 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXVN776&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
2f120c013f117dd73526021044518726d9ed96cb09a1a15763b32efb3b98bbf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60450
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 22:12:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 23:01:47 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
e84d4890b1ef69b895ffdeba89cf25d6ac22d2b5c69e801c50e85f320f81c0ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45997
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 22:26:03 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 23:01:47 GMT
gtm.js
www.googletagmanager.com/ 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
a121d9af00134f138414f42a73143d428bec1d3bf2b7e495ca07b6472b115f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59461
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 22:26:03 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 23:01:47 GMT
101240.js
cdn.targeting.voxus.com.br/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.targeting.voxus.com.br/101240.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.29.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5c206c8047b47f0eb92bbe98c8e0d44060e9763b8426548c2c11b4c1547f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2023 14:23:13 GMT
server
cloudflare
age
2450315
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
cf-ray
81c652c10f29365b-FRA
content-length
900
expires
Sat, 28 Oct 2023 14:24:31 GMT
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.187 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f27.1e100.net
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:24:48 GMT
content-encoding
gzip
age
2220
x-guploader-uploadid
ABPtcPovtySQwtqXP1y-DFSPdfvRdlmyNmMf_1fICUPx99J6V0QRLzGBatc4z9UDnQ-5uFJmsntmj7hWeXhDv7-_uVNnDg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-generation
1567453851562424
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type
text/plain
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
expires
Thu, 26 Oct 2023 23:24:48 GMT
lib-pub-ext-tags-oglobo-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P4R423
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
x-openstack-request-id
tx5caba26473634a26b2991-00653aef3a
last-modified
Tue, 07 Mar 2023 22:45:23 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1678228396.000000
content-type
application/javascript
x-timestamp
1678229122.74863
cache-control
public, max-age=180
x-trans-id
tx5caba26473634a26b2991-00653aef3a
x-request-id
a8c4d6e2-bc7c-40ad-ae95-76b30ee71fa4
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.64.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-64-124.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:22:08 GMT
content-encoding
gzip
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
20380
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
SLUJM00qGxLtk5Ag5nBH5ZfaNuz5AhhioLOB3K02K0YGR6G8BJl6uA==
expires
Fri, 27 Oct 2023 17:22:08 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.64.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-64-124.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 16:56:37 GMT
content-encoding
gzip
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
21911
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
lrZeZBFWnB1g57stAeSHh9BJcKzKQgstWIHiHWi9kd4djdeVvzwrQw==
expires
Fri, 27 Oct 2023 16:56:37 GMT
marfeel-sdk.js
sdk.mrf.io/statics/ 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f85022ac62cf89e1e679ad1ec8e9d622910f2e9f24c3d17e3b2f91089ff1440

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
260
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=86400
content-length
35645
x-response-time
1ms
last-modified
Thu, 26 Oct 2023 22:57:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
81c652c0fece371a-FRA
fbevents.js
connect.facebook.net/en_US/ 		199 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 26 Oct 2023 23:01:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
8sv0UrK+YWkGrOZwhQtiFKhXOfZU2e9I7eS+VWOfgvDcgDf/UnRwn808Lc/KYg4zQcL+m0YOO1iTaTkQJSim1A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		710 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7bb8f89246f3cab0ef1cbea671d9b7fb6fe8110564509ae29e05eb976593a39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
FSYAVqbgg9f4tULlUGBsK4pc3pvlsNOK
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:48 GMT
x-amz-request-id
M4G4SB4EPX14BGPG
age
30
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
116822
x-amz-id-2
0ddO4RJBG2BGjgXvTkpRw/HUUIv8Uvy51K9NqOD6NZjIgFMcxjJ4Jda3/2QoP0w2gGOfmmN8vKc=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 14:30:22 GMT
server
AmazonS3
x-timer
S1698361308.040031,VS0,VE1
etag
"8e0ec6a1246a45d43874488c0c48622a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
ads
securepubads.g.doubleclick.net/gampad/ 		317 B
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2341082111872422&correlator=771117046148280&eid=31079125&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&iu_parts=85042905%2Cinfo.web.oglobo%2Crio%2Cmateria&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&didk=3851748554&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D2c4527b28f861de0%3AT%3D1698361305%3ART%3D1698361305%3AS%3DALNI_MbMrATG-CZl3k8e9UCgtgzKkTBCVA&gpic=UID%3D00000ca9fd040cec%3AT%3D1698361305%3ART%3D1698361305%3AS%3DALNI_MaRMr9VQqPMTXEkFpMQOzPmPmbpgA&arp=1&abxe=1&dt=1698361307960&lmt=1698354107&adxs=0&adys=9834&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&vis=1&psz=1600x77&msz=1600x0&fws=4&ohw=1600&psts=AOrYGsnY9hWgGPcUyOkaaRnxt5Jd05I_-IbwSa6DLffPIXTZekj6225YizsYrIKYygZJl6hiB95I8EftybTGhUZJXglRnsZLdVgT&ga_vid=233865381.1698361305&ga_sid=1698361305&ga_hid=406410932&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYhtPj8bYxSABSAghkEjsKCnB1YmNpZC5vcmcSJDk4NTM2ZWRlLTQ0NDItNDk0Ni1iYTg2LWQ0MGNlZTgxMmY3NBjx1ePxtjFIABIdCg5lc3AuY3JpdGVvLmNvbRiG0-PxtjFIAFICCGQSFwoIcnRiaG91c2UYyNbj8bYxSABSAghsEhkKCnVpZGFwaS5jb20YhdPj8bYxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWFXSmhSemhLUjA1U2MwTTBUV3Q1VFRsUGQxZHZkejA5SW4wPRiv1uPxtjFIABIbCgxpZDUtc3luYy5jb20YuNfj8bYxSABSAghq&dlt=1698361302991&idt=2438&prev_scp=Editora.pos%3Din-image&cust_params=ambient%3D%26tipo_pagina%3Dmateria%26editora.random%3D7%26Editora.url%3Dpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1698361304960%26prmtvvid%3D%26prmtvwid%3D&adks=2565719643&frm=20
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b3f586be89dbe3e93f12ebe1e62a2df139c8b0cd930aa77e792cde22c5933fd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame E9E6 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 03:59:09 GMT
x-content-type-options
nosniff
age
68559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Oct 2024 03:59:09 GMT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame E9E6 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.29.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=16.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59feea7bc720ddcf41f4c1b173ebaeb9409eac62674546b140fd11adc04708a0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
38210
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-92-26
server
cloudflare
etag
W/"68027-1698026220000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400
cf-ray
81c652bf4a6d2c3d-FRA
expires
Fri, 27 Oct 2023 23:01:48 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame E9E6 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=16.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b078017f3a5881d5c8af75f15f00b363c0c7d3e6677981eb293e296e869a85b6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTTZPN8IJ3VO&templateVariantId=OTVZDVTXV2OZU&offerId=fakeOfferId&experienceId=EXJL5S9I54F3&iframeId=offer_9f20fdee8c8e05e0124a-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M0zr53sAQwb
pragma
wn
prod-dash-10-0-138-255
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
81c652bf4a702c3d-FRA
expires
Fri, 27 Oct 2023 19:01:48 EDT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame E9E6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
2195
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
content-length
2177
last-modified
Wed, 25 Oct 2023 13:33:22 GMT
wn
prod-dash-10-0-134-198
server
cloudflare
etag
W/"2177-1698240802000"
vary
Accept-Encoding
content-type
image/png
server-time
0.001
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
81c652bf6a812c3d-FRA
expires
Fri, 27 Oct 2023 01:01:48 GMT
74387
idx.liadm.com/idex/prebid/ Frame DF86 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/74387?duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.37.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-37-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
0b027162d5a68400
vary
Origin
request-time
9
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ Frame 095D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=ADLaM+Display&family=Merriweather&family=Open+Sans:wght@300;400;500&family=Phudu:wght@300&family=Poppins:wght@300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 11:25:29 GMT
x-content-type-options
nosniff
age
214579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Oct 2024 11:25:29 GMT
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 095D 		66 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.29.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=16.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59feea7bc720ddcf41f4c1b173ebaeb9409eac62674546b140fd11adc04708a0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
38210
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Oct 2023 01:57:00 GMT
wn
prod-dash-10-0-92-26
server
cloudflare
etag
W/"68027-1698026220000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400
cf-ray
81c652bfbacb2c3d-FRA
expires
Fri, 27 Oct 2023 23:01:48 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 095D 		39 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=16.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b078017f3a5881d5c8af75f15f00b363c0c7d3e6677981eb293e296e869a85b6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OTXNBP0CDOH9&templateVariantId=OTVMGDK646BZK&offerId=fakeOfferId&experienceId=EXL6PHXYIR4V&iframeId=offer_3ffba5cbfbfe308ac2b9-0&displayMode=inline&widget=template&url=https%3A%2F%2Foglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M0zr53sjboi
pragma
wn
prod-dash-10-0-113-93
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
81c652bfbace2c3d-FRA
expires
Fri, 27 Oct 2023 19:01:48 EDT
fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 095D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
2195
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
content-length
2177
last-modified
Wed, 25 Oct 2023 13:33:22 GMT
wn
prod-dash-10-0-134-198
server
cloudflare
etag
W/"2177-1698240802000"
vary
Accept-Encoding
content-type
image/png
server-time
0.001
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
81c652bfbad42c3d-FRA
expires
Fri, 27 Oct 2023 01:01:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3951 		264 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:23:52 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 21:00:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2277
x-amz-server-side-encryption
AES256
etag
W/"f90f24d20b0a1f80ef986c97a9726a2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
4_K26pPnd5VT0zXc8Mkm-g7Oo7yU-rv-PPzr5jwN6HNi0As-RjqBqA==
container.html
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6405 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:45 GMT
expires
Fri, 25 Oct 2024 23:01:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame DF86 		230 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 16:10:16 GMT
server
Apache
etag
"3965e-607ffe0078239-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67642
expires
Thu, 26 Oct 2023 23:16:48 GMT
load.js
pm-widget.taboola.com/editoraglobonetwork/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
avFu_8YDlMZk2FadaSnJ93_6jfhKujAJ
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:48 GMT
x-amz-request-id
21MZWVSGS4VT0AAP
age
3003
x-cache
HIT
content-length
2158
x-amz-id-2
36CK+AkGLUYZvVL6amgx8s40CYCoKx3Fbx0YwmABwGCQGJPOSswPFOqZ9jQdPtGbkbt8bVPhRaU=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 28 Sep 2023 09:53:53 GMT
server
AmazonS3
x-timer
S1698361308.379626,VS0,VE1
etag
"1a3a4c01368008685ab73c00426c052b"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
1
sync
gum.criteo.com/ 		73 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d5e7e8c5932a8ded47df45f640eba849bfba7cfe1f3be177fe103f0b40828a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
774673
expires
60
impl.20231026-7-RELEASE.js
cdn.taboola.com/libtrc/ 		814 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
GPZDFjjWSy3DhCggTNa1mL7dkkadWjQ7
content-encoding
br
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:48 GMT
x-amz-request-id
VZFGC8359BVKSVD6
age
18099
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172502
x-amz-id-2
t1gTCaGz4uky89uR4Db3jrRYY0rHGvgNQamE07UtbQyIQLiCX0dmJN02DEihjZUQDS/z+csym+U=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 09:58:50 GMT
server
AmazonS3-br
x-timer
S1698361308.394491,VS0,VE0
etag
"2360df86d9f30659043fb748ff4e84af"
vary
Accept-Encoding
content-type
application/javascript
abp
63
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
55344
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SL5WEXQ2G6&gtm=45je3ap0v878491685z86920778&_p=406410932&gcd=11l1l1l1l1&cid=233865381.1698361305&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698361308&sct=1&seg=0&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&en=Eventos%20Piano&_fv=1&_ss=1&ep.eventCategory=Piano&ep.eventAction=Cobertura_API_Sem&ep.eventLabel=SemClientId
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SL5WEXQ2G6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 3951 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 3951 		19 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:48 GMT
an-x-request-uuid
2fc233aa-2719-47c1-b620-9c7cd815308d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3951 		564 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1798354&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=ae0777c5-b9e7-4908-8d21-43cf5fe09bd5%5E1&rf=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&tg_i.domain=oglobo.globo.com&tg_i.page=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&tg_i.adunit=oglobo.globo.com.dw.970x250.inter.cdmx&tg_i.pbadslot=%2F138871148%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v7.45.0&x_source.tid=fff663db-b930-4508-a3d0-0ef0051d3388&l_pb_bid_id=62f44a507887dd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fff663db-b930-4508-a3d0-0ef0051d3388&rp_maxbids=1&p_gpid=%2F138871148%2Foglobo.globo.com.dw.970x250.inter&slots=1&rand=0.8644712417769567
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71790551cb76a760a03b1078ad4ac3a55943d81e1a1961625e97ad2527b3a73a

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
564
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame 3951 		23 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.45.0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
bbf3c0801322e6b3000a664d3d7c410b9cf7c3a5cf9961098bb7bbe066e43240

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 26 Oct 2023 23:01:48 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://oglobo.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
truncated
/ Frame 3951 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39dfed5eebe6f681c5a1bd1d12bc8c25950345380b614287afbfbc5da1cdab21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
subscribe-button.js
static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/valor-subscribe-button/v1/scripts/subscribe-button.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
x-proxy-cache
HIT
last-modified
Thu, 26 Oct 2023 20:25:46 GMT
x-cache-status
HIT
x-served-from
infoglobo-router-gcp, shared-cache
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
supportspointer
true
cache-control
max-age=600
charset
utf-8
x-request-id
7a52ff8a7a4ed7cf1543384b1f36db36
expires
Thu, 26 Oct 2023 20:47:01 GMT
logExecutionStats
c2.piano.io/api/v3/composer/ 		2 B
114 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/api/v3/composer/logExecutionStats?aid=GTCopIDc5z&items=%5B%7B%22mId%22%3A%22timer0GXZ5IBP8JTG337%22%2C%22eId%22%3A%22EXJL5S9I54F3%22%2C%22eV%22%3A38%2C%22eeId%22%3A%221805790098-000032re73kecai0d8kbs455as%22%7D%2C%7B%22mId%22%3A%22runJs2ZU1SZ32D9PJ44%22%2C%22eId%22%3A%22EXJL5S9I54F3%22%2C%22eV%22%3A38%2C%22eeId%22%3A%221805790098-000032re73kecai0d8kbs455as%22%7D%5D&execution_stats_context=%7Bkpdx%7DAAAA8PrYpKH1BgoAEhBsbzdzZ3h0ZzI5a2ppNDJ3GhIAw255eDVrdzExIhJ2LSYA82l2bjU4emVtcjAqdE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTguMC41OTkzLjExNyBTYWZhcmk4APMVOgYIABICQU06BggBEgJBRDoGCAISAkNQOgYIAxICUFI6BggECAATBQgA0AYSAkFEOgYIBxICREw&ts=1698361308627&source=chain
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
cf-ray
81c652c2fb453661-FRA
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
sb9dxudg5v
clientConfigurations.js
buy.tinypass.com/api/v3/anon/assets/ 		279 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/clientConfigurations.js?aid=GTCopIDc5z&tbc=%7Bkpex%7DAtADb8sI8sxN3SIq7TeRfyCWDj4X_PaoJ1jAsx05Rl_Ofe97V6sqLXT1dCNQV9W9&user_provider=publisher_user_ref&user_token=
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.176.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86613139b1ac9e01af106a1bce6aa96c530dcd7b6542177787172dd9674e1544
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
MISS
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
M0zr53sQNuS
wn
prod-dash-10-0-82-37
last-modified
Thu, 26 Oct 2023 23:01:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
public, max-age=14400
cf-ray
81c652c2fea903d0-FRA
expires
Fri, 27 Oct 2023 03:01:48 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4093 		150 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b1b78d690ebc80e62dc6cb535cfdf99832387c46c5c634908617f9cb6890a5f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BFz2l2kOJQGZiDnkHC6Ru_rsJMIR6iYTbUKxLFFaqIyTqUsoNS6Htk9-5lCvQRio7IOGWGXlH1H-o41qHySpyUtfAN3_3DvUyYE8MeDAQCGuKLjZ9bC-T6of2lpbKYxkA7jLpl48djTU4iuqTMWVFxVzMFLonVAo7dySRC0UoGH4L5DaSMCQzZjRyA37QYIzPC-9uH5QOTWPSACcDaQGyRVRmGSGDQrl2_F0LeEgUJSqlVpQlN3Q1e5cvZ6LdHY4kLqHqw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
46819192
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 6405 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/window_focus_fy2021.js
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 16:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
24430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:14:38 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5BA0 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
23991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 27 Oct 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/ Frame 6405 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231025/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 16:14:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
24430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 16:14:38 GMT
l
www.google.com/ads/measurement/ Frame 6405 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQbZCCmeh1mRmBtW8n_7k5A1xoDVnfj7uylat_gD2FvvUopdysNp6bKhIV6SfWITqxw3_YTGSbecdYGDTm-ZoZUzkT2A
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6405 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
577659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6405 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698233972131352"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 23:01:48 GMT
ea05d466-f785-4b9a-a030-6fdc6a39498f
config.aps.amazon-adsystem.com/configs/ Frame 3951 		537 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
f94bb0ae5532e06fa22046d489fef28ff346b0919fcededf6ce181330615b2f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:07:25 GMT
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3263
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
4aRV1ol3__pIsw3yk8_tAsrIVwfwfVBGUoJPz2iXEnYBvS9AD16Zmw==
config
c.amazon-adsystem.com/cdn/prod/ Frame 3951 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
2e68bdf94f42cdc9bcb7fb6471cc82bbdf3cee353dae1e5760a5d7068d9de1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 20:18:03 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
9824
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3753
x-amz-cf-id
0mg_vrRD_mhG4ZVdzwoCnPAOWu8NafMtOEJPAI2pjNnPVgKr79Vzkw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3951 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
date
Thu, 26 Oct 2023 03:00:07 GMT
x-amz-cf-pop
FRA56-P6
age
72143
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rbpFonFcCR7556Gowf905x1Tf7_ccAU0HqjY1Bt3FpoHth7TD66-iQ==
lib-analytics-latest.js
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-encoding
gzip
x-openstack-request-id
tx28a740f82e0c4ac6be2cd-00653aefdc
last-modified
Tue, 23 May 2023 21:09:44 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1684872817.000000
content-type
application/javascript
x-timestamp
1684876183.22388
cache-control
public, max-age=180
x-trans-id
tx28a740f82e0c4ac6be2cd-00653aefdc
x-request-id
56c9b9bd-b275-4e40-ba23-35ba9446ad54
v1
lb.eu-1-id5-sync.com/lb/ Frame DF86 		33 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
407
a.ad.gt/api/v1/u/matches/ Frame DF86 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/407?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ref=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&_it=amazon&partner_id=407
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.23.234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a7679494655793228abb99e12e66af7900cd62b3ef692125960942dc23e0a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Thu, 26 Oct 2023 22:55:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
81c652c5bd881da8-FRA
step2.html
id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/ Frame 7672 		1 KB
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step2.html
Requested by
Host: id.globo.com
URL: https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/3p-cookies/step1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.201.227 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.201.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://*.globoi.com https://*.globo.com https://local.globoi.com:8080 https://*.apps.tsuru.gcp.i.globo https://*.techtudo.com.br https://www.techtudo.com.br;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate, no-transform, no-store
content-encoding
gzip
content-security-policy
frame-src 'self'; object-src 'none'; frame-ancestors 'self' https://*.globoi.com https://*.globo.com https://local.globoi.com:8080 https://*.apps.tsuru.gcp.i.globo https://*.techtudo.com.br https://www.techtudo.com.br;
content-type
text/html;charset=utf-8
date
Thu, 26 Oct 2023 23:01:49 GMT
p3p
CP="This is not a P3P policy!"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
1; mode=block
oglobo
horizon-track.globo.com/event/ 		0
365 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/oglobo
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryHVePnfaVQJozhPQ7

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C45C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:15:40 GMT
expires
Fri, 25 Oct 2024 17:15:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FBAE 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
3c5ef38ecfa737c7ec14e221c96402648de2b654f131a25b127189e54dd1a54e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dL-6DXAnu-82aCbySMc8fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dL-6DXAnu-82aCbySMc8fg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:49 GMT
expires
Thu, 26 Oct 2023 23:01:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
410270039520634
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/410270039520634?v=2.9.135&r=stable&domain=oglobo.globo.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
abdb5706faa5986095c7ee7e87d7bbf02b68539a36e0c7e1082f0f33230f68ce
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 26 Oct 2023 23:01:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
cDQn7cxeU5xHYvhKp7ZatM6neyHFXy8WC5srzRHFUZbhPhVAhvqG09QKEVa0tTfyrx9TcZTRj4YOHBoOHfiFrw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1698361308805&e=pv&url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&page=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=9&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=845e9347-dd87-4792-b63c-3fb7cbf27e53&dtm=1698361308803&vp=1600x1200&ds=1600x9911&vid=1&sid=57ce0116-e66b-4ad6-a862-ff0518af870d&duid=3456a114-e8ba-4171-af6b-7ffde5d4a151&fp=3991596866
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.21.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-21-199.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:49 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=oglobo.globo.com&p=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&u=DLWKR27f10_DcXimK&d=oglobo.globo.com&g=56624&g0=Rio&g1=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&n=1&f=00001&c=0&x=0&m=0&y=9911&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&b=7199&t=DmDoUe0ZSzFCMeCrBsolWD1ITql&V=141&i=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&tz=-120&_acct=anon&sn=1&sv=CJNgbICMYFk7D6J9GMBCeRhcrJnz1&sd=1&im=067bffff&_
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.216.72.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-72-29.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
tm13574.js
tag.navdmp.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
347
etag
W/"6137b330-4291"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
81c652c6c87b37ca-FRA
expires
Thu, 26 Oct 2023 23:56:02 GMT
dmp.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
x-openstack-request-id
tx863c8404ee8e4cf18b9da-00653ad008
last-modified
Fri, 16 Jun 2023 12:31:17 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1686918676.85556
cache-control
max-age=18000
x-trans-id
tx863c8404ee8e4cf18b9da-00653ad008
x-request-id
694c3736-3e25-4551-8978-7c6cd68eb153
t3m.js
tags.t.tailtarget.com/ 		64 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/oglobo/prod/lib-pub-ext-tags-oglobo-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:10:31 GMT
content-encoding
gzip
via
1.1 google
age
3077
x-guploader-uploadid
ABPtcPpiKc_b4XDAIFuOdGxxrwaJE3FNXCkvr_siupn_pgBMgyMPbwosn__U1691qMMQI2P7uDFqu-0Jaw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11157
last-modified
Wed, 16 Feb 2022 19:26:59 GMT
server
nginx/1.8.1
etag
"7baa2c88b7abc79944366989908f0a4f"
vary
Accept-Encoding
x-goog-generation
1645039619237034
x-goog-hash
md5=e6osiLerx5lENmmJkI8KTw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
11157
accept-ranges
bytes
expires
Fri, 27 Oct 2023 00:10:31 GMT
pmk-20220605.13.js
pm-widget.taboola.com/editoraglobonetwork/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/pmk-20220605.13.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
riBLlp2W2iGvHi8DcZSGRiSyaeJmPBap
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:48 GMT
x-amz-request-id
VJXAPC6WC2V801TJ
age
2466425
x-cache
HIT
content-length
28799
x-amz-id-2
SEjjnsGWjKPR3DJaA6AjDIZY1Ciku1VPJ8m34b4bPXg8qOQjpUBJ+QVLMWevAKHhP8OrXMNxrh4=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Thu, 28 Sep 2023 09:53:52 GMT
server
AmazonS3
x-timer
S1698361309.978949,VS0,VE0
etag
"cf865437aa13ed4e856f389bfec9ae01"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
84
/
usergate.globo.com/ 		30 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
6a373c5b79ec9b010b70d6b619fe0fdcd50067ab10bb3d63449d4b6ccb77ce2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.217.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-217-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:49 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.217.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-217-113.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 26 Oct 2023 23:01:49 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ingest.php
events.newsroom.bi/ 		126 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
86
compass-multimedia-sdk.js
sdk.mrf.io/statics/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=776
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d170b6eb660ad5ff65d6c64e9fb34d0616f03623092d1ff4f43bff55d30176a

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
br
via
1.1 c50e6c45c49371a5ebc690255500593c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
3408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 26 Oct 2023 06:39:19 GMT
server
cloudflare
etag
W/"af2bfae0f15e81ea10c12482aa21253e"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
81c652c57a64371a-FRA
x-amz-cf-id
T7e8EoHoZEBVPndptERS7EFtPjhd6ZQGoVrKax9z1KfzrVWDApSvTg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 3951 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&pid=I1BhYX4mOyks1&cb=0&ws=970x250&v=23.1020.1619&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A125%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
WEHXPWWY6Y5GCV8R4HMJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wOPzDKuDRefAXeoM8WfA8kR7kRxvb0YTMq74YtoE1AeCbIc-msz3Rw==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 3951 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 26 Oct 2023 23:16:49 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 3951 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 02:03:18 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
75512
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
rWidrR7EXonzvAwu41o6FGAsyNsw_u6_qF47KsxuzLzbsnIfwjRKKg==
hadron.js
cdn.hadronid.net/ Frame 3951 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ref=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&_it=amazon&partner_id=407
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.36.110 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
534
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
81c652c5c83d1c44-FRA
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
92bb6886-83
aps.zqtk.net/ Frame 3951 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 3951 		142 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2023 08:11:43 GMT
server
cloudflare
x-amz-request-id
85VX6K1WK8KDXANP
age
1719
etag
W/"f782ea030d6823bac929128fb89f783a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
81c652c5dff8bbd9-FRA
x-amz-id-2
XoyjN5eBRzfOYVg1sA8PuP1xV7Bk9Ddn9XrM7czqjwc2gKMasduypuLFDauD22XD4HObGvPwd34=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 3951 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Thu, 26 Oct 2023 23:16:49 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		265 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=oglobo.globo.com&domain=oglobo.globo.com&path=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7904fab8aa39fa7ef706323029c5a5e291a4c3dd3284b89b4c176db1d3385a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
192
x-served-by
cache-fra-eddf8230086-FRA
x-timer
S1698361309.447350,VS0,VE101
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 24 Oct 2023 23:01:49 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4093 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4093 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4093 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 20 Oct 2024 23:01:49 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4093 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 20 Oct 2024 23:01:49 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4093 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=2zbbIvxBo1dQJYOx82VDedlCe7Ae_YhEIAybau_QXyrRN4jptXXIZrD2JQ7ji6IUQ_X8S-d7oy1eeenJ8-2FOHcjTy-Sjh64rINTAtFLXGa38-Cr9-YeKPfRLsD_FHkIILiNZrjGwP_fMPTzhy1BfJKZGkBc-ezMplTVRymqWzXl-2WD8yPLxJ3GU7kxR1r-iR59wnBqD6usUUvV9eCPorfbRflGEcLGsJmvAdrVM0n7phkUMgj3oe9cqCIXg3FaWXgoeJrBcHEZKvtYZ6-vvTcbhnbZOkggWf_dU9yIwsYWOFnA6-1SXukAUBuaEbodjg1ifKyp1J6lhiVXaWySqqFODI26DAbgdoU5LYCao2bDwvLKTEGonR4Vgbv-aMLGnPtMtvUfDIcsXW6hJjATAiMOaWGl9G7txiBYk2vE5ze3qbIi
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2495789
expires
Mon, 26 Jul 1997 05:00:00 GMT
j
rp.liadm.com/ Frame 3951 		13 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp.liadm.com/j?dtstmp=1698361309188&se=e30&duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&pu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&wpn=prebid
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.71.139.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-139-182.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
x-pixel-event-id
61c5016c-19a2-4f76-be6d-3aa5b26b9584
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13
card-interference-detector.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79f0550393ce13fa34ccfb35fb3afc281d4e2dfa6c957490999011337b244f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
FI_1DV9MIoHfPkpqDApSKBf7Oe1nmfNu
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:49 GMT
x-amz-request-id
3HGZN4ZF520EQDFV
age
10528
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2181
x-amz-id-2
Rk9UGgyw//tVMzACRIi4cjsctBRNgQPTakgOLH4/Sfzrj4GYEyPs0xwpQi7D76FR03fcIHB2sLo=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:22 GMT
server
AmazonS3
x-timer
S1698361309.256630,VS0,VE0
etag
"17cf378812930822abefe07ba25f45e6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
9
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4265
experiences
flowcards.mrf.io/json/ 		66 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/experiences?site_id=1464&client_id=bc15cb41-32de-443b-ae9c-1af19e60b28e&user_type=0&canonical_url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&referrer=&recirculation_source=&previous_page=&geo=__INJECT_GEO__&session_duration=1&pageviews=1&first_visit=1698361308&page_technology=0
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private
x-envoy-upstream-service-time
3
accept-ranges
bytes
cf-ray
81c652c91d442bbb-FRA
alt-svc
h3=":443"; ma=86400
content-length
75
OQER25S.png
i.imgur.com/ Frame E8CC 		270 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/OQER25S.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7740eedfa43b13a0c0ef57c77c72240b994238b5a5da8be3a9a32e3bdab60aa9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
3835404
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
276441
x-served-by
cache-iad-kjyo7100131-IAD, cache-fra-eddf8230067-FRA
last-modified
Mon, 16 Sep 2019 22:19:23 GMT
server
cat factory 1.0
x-timer
S1698361309.304882,VS0,VE2
etag
"340aeb974e84b0f941e794593116cd2d"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_R7EgPjzGfIjJ2Gee8NmKiGr0GQkDSrSR6ofxaSnh6FFU9HQHN8WZw==
x-cache-hits
7739, 1
v2
id5-sync.com/gm/ Frame DF86 		276 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
232731744ff2ee522dd590b07020c026e8392504526c29eaf2bf11d3f4741853
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
publisher:getClientId
ampcid.google.de/v1/ 		3 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
wl
t.pubmatic.com/ Frame DF86 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
truncated
/ Frame 6405 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59ea065b8cc493e8748942c3c09d06def55332dea87be8798905073c77dc2721

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&rl=&if=false&ts=1698361309401&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbc=fb.1.1698361309396.IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&fbp=fb.1.1698361309398.788365593&ler=empty&it=1698361308761&coo=false&rqm=GET
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 26 Oct 2023 23:01:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
usergate.globo.com/ 		30 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
6a373c5b79ec9b010b70d6b619fe0fdcd50067ab10bb3d63449d4b6ccb77ce2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
938 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8be33906a13c7418a9fa39d81f76255ec011b2acc3a26210cce6a0ef98a65ef0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
664
x-xss-protection
0
expires
Thu, 26 Oct 2023 23:01:49 GMT
botao-desk.png
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/botao-desk.png
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e9c22bbd697c2822c6c490583ca1d86ef5ecaacd185e7590d43b6cbff7b11c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
x-openstack-request-id
txe57fea3193f94c119683b-00653aefd7
last-modified
Fri, 04 Aug 2023 14:56:58 GMT
x-thanos
0AB24042
etag
2f2d2b46ffaf3ad0f7c9648bf99a37a5
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1691161017.75719
cache-control
public, max-age=180
accept-ranges
bytes
content-length
1521
x-trans-id
txe57fea3193f94c119683b-00653aefd7
x-request-id
f0e85367-d187-416b-a127-8cc9a8ad5038
pixel
cm.g.doubleclick.net/ Frame 5BA0
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEC5Wi7Wgy2MJZKQwST7dBLU&google_cver=1&google_push=AXcoOmTZ6wRryhwDKNSpZdmED9aKGDpJLDEsB_kjavCC3JjaZakHXpNfn3jWWDL-BnE9M0O8W6VJ2gOlfBcCnOS6CMRCeyNrQFEd
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724B2D43DB354FDEB412D05B410B47C9&google_push=AXcoOmTZ6wRryhwDKNSpZdmED9aKGDpJLDEsB_kjavCC3JjaZakHXpNfn3jWWDL-BnE9M0O8W6VJ2gOlfBcCnOS...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724B2D43DB354FDEB412D05B410B47C9&google_push=AXcoOmTZ6wRryhwDKNSpZdmED9aKGDpJLDEsB_kjavCC3JjaZakHXpNfn3jWWDL-BnE9M0O8W6VJ2gOlfBcCnOS6CMRCeyNrQFEd
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724B2D43DB354FDEB412D05B410B47C9&google_push=AXcoOmTZ6wRryhwDKNSpZdmED9aKGDpJLDEsB_kjavCC3JjaZakHXpNfn3jWWDL-BnE9M0O8W6VJ2gOlfBcCnOS6CMRCeyNrQFEd
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 25 Oct 2023 23:01:49 GMT
pixel
cm.g.doubleclick.net/ Frame 5BA0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELUHu54W9GJvuyygcSSdty8&google_cver=1&google_push=AXcoOmTTtfe3gVAwNsAEHBYalasrYbzRxEiueXJ68_CKxCGcSN05ZOK0K-K0ci4SKmFTVYXUHZfdqhp2mg4RFm...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDQwNjI3ODk1NjM4MjM1MQ%3D%3D&google_push=AXcoOmTTtfe3gVAwNsAEHBYalasrYbzRxEiueXJ68_CKxCGcSN05ZOK0K-K0ci4SKmFTVYXUHZfdqhp2mg4RFmGo44...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDQwNjI3ODk1NjM4MjM1MQ%3D%3D&google_push=AXcoOmTTtfe3gVAwNsAEHBYalasrYbzRxEiueXJ68_CKxCGcSN05ZOK0K-K0ci4SKmFTVYXUHZfdqhp2mg4RFmGo44iZo2KQmMZE
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5NDQwNjI3ODk1NjM4MjM1MQ%3D%3D&google_push=AXcoOmTTtfe3gVAwNsAEHBYalasrYbzRxEiueXJ68_CKxCGcSN05ZOK0K-K0ci4SKmFTVYXUHZfdqhp2mg4RFmGo44iZo2KQmMZE
Date
Thu, 26 Oct 2023 23:01:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
dds
rtb.openx.net/sync/ Frame 5BA0 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEHGemLo0Qy_5jHevIJBlPAM&google_cver=1&google_push=AXcoOmSSAJu8rNS95ONWNZfWq5qJHemA3ajx1impqmE_hGjAJJq5KtE_D52qX_37nup-pViY-UnvpRYZ-Ts4MiALBTJHQaf8M1z9
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame 5BA0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF94GQyPIMBoiOx41ZlFOew&google_cver=1&google_push=AXcoOmQwdBLBUTM7BslQ8YqmXkkRDDCRGIN4kKuUCiqTGxeb2VjOaRVVJn_ur0EZMMHTz0OzZ_P...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=AXcoOmQwdBLBUTM7BslQ8YqmXkkRDDCRGIN4kKuUCiqTGxeb2VjOaRVVJn_ur0EZMMHTz0OzZ_PC_gIObrEatoqmUj3gEHM19jo
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=AXcoOmQwdBLBUTM7BslQ8YqmXkkRDDCRGIN4kKuUCiqTGxeb2VjOaRVVJn_ur0EZMMHTz0OzZ_PC_gIObrEatoqmUj3gEHM19jo
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=AXcoOmQwdBLBUTM7BslQ8YqmXkkRDDCRGIN4kKuUCiqTGxeb2VjOaRVVJn_ur0EZMMHTz0OzZ_PC_gIObrEatoqmUj3gEHM19jo
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5BA0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPWDrMDQrWzlumjMjffBHNE&google_cver=1&google_push=AXcoOmS3NyBfSur5A9IdxNNByXQxTc6a6Nw0HWa9KtYtRjY8CL7GEvxu_RU_KelQDw2x_JOEk-ZFifNLN50g...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS3NyBfSur5A9IdxNNByXQxTc6a6Nw0HWa9KtYtRjY8CL7GEvxu_RU_KelQDw2x_JOEk-ZFifNLN50gldSlSBH5fwXIWgjr
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS3NyBfSur5A9IdxNNByXQxTc6a6Nw0HWa9KtYtRjY8CL7GEvxu_RU_KelQDw2x_JOEk-ZFifNLN50gldSlSBH5fwXIWgjr
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS3NyBfSur5A9IdxNNByXQxTc6a6Nw0HWa9KtYtRjY8CL7GEvxu_RU_KelQDw2x_JOEk-ZFifNLN50gldSlSBH5fwXIWgjr
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync.smartadserver.com/api/ Frame 5BA0 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKDx6LbNS-blWfzdQ3swNus&google_cver=1&google_push=AXcoOmTcdQyApzH40EWsyVKl52xRhpUMoE04-d6cd4yKRaaHl0z8muBrSJgvY0BJ8ZFwd_pjF3acGHN_vFf4eknV5uWmkWd7NTVf
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:48 GMT
content-length
0
0.gif
id5-sync.com/i/495/ Frame 5BA0
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPf1Z9H8xD3dmomHnkaJuHQ&google_cver=1&google_push=AXcoOmQcX9exjbcQdobNsVjBImny3qvxde3BbnGABKGojfdsiYDKBRZcR6r5mnjjgd4ihoTBqprlkgqpcKNpxvtEMkiRwMHyEfmP-Q
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQcX9exjbcQdobNsVjBImny3qvxde3BbnGABKGojfds...
43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQcX9exjbcQdobNsVjBImny3qvxde3BbnGABKGojfdsiYDKBRZcR6r5mnjjgd4ihoTBqprlkgqpcKNpxvtEMkiRwMHyEfmP-Q
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 26 Oct 2023 23:01:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmQcX9exjbcQdobNsVjBImny3qvxde3BbnGABKGojfdsiYDKBRZcR6r5mnjjgd4ihoTBqprlkgqpcKNpxvtEMkiRwMHyEfmP-Q
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 5BA0 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jd6AVbfQ2Hv2Ryk0g4mGyTf2Z-CERu_RBz3OVQrBIJX4JF2c2hDoqN_a0pLO-AVHGKOjoYDw
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4093 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6160144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WloHN9H6KWUhuLVJq9ZNNvnUEtKEZ8o6%2FXgnAvIdbvH4yoTfeZoFn20fRAgge%2BSgoj4Eo1pGffPoLw%2FrcfJlpsL5mi9va9bMYgJaH23BXshjzDuRq1fIe5zPZ7%2FOAYdCN3szRp8U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652c82fb93808-FRA
expires
Tue, 15 Oct 2024 23:01:49 GMT
animejs.js
static.criteo.net/animejs/ Frame 4093 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 		1 MB
344 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
824213f800c8a2a4ca1f390f249881d603993020a17c9a35c517f7f5f2195cba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ABPtcPquzNi-4ulCXfnmOauDIhgJ8gQ07g0JpcKyU-UOas0EV68_vAM3YEi6TtewgDj0eVkqfZP7Q3wjYZ0fOmpyndiAB5zcwJIn
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 26 Oct 2023 21:38:32 GMT
server
cloudflare
etag
W/"bd9f2a2719f49b99bdf80ee3eeb671d5"
vary
Accept-Encoding
x-goog-generation
1698356312474402
content-type
application/javascript
x-goog-hash
crc32c=U8au+A==, md5=vZ8qJxn0m5m9+A7j7rZx1Q==
cache-control
public, max-age=900
x-goog-stored-content-length
373410
timing-allow-origin
*
cf-ray
81c652ca9e149b3f-FRA
expires
Thu, 26 Oct 2023 23:16:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FBAE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=3342239636537992&rc=
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
img
imageproxy.eu.criteo.net/img/ Frame 4093 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=68364&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F63103%2F190903%2F7960ede906974abdb452fce9811075a9_logo2.png&v=3&w=356&rid=4&s=Bdzz2RYR6XsLhopgGhJZgTfO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df9407425c842a4c9648cbc742a30d5e21b2ffed257d83cb856570b34bf8dfd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
12491
expires
Thu, 03 Oct 2024 04:48:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4093 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=68364&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F68361%2F220512%2Fe638f76d974348fd924ed3f1d38b7d96_img_square_1.jpg&v=3&w=1200&rid=4&s=XzwxQ17lRYyb3RnNS_VdjvK0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.15 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
142f8494fc200b226bac847dbd9e33ebb086f6f268de92cd06c5a53b74bd191e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
191052
expires
Wed, 02 Oct 2024 10:22:10 GMT
all
csm.eu.criteo.net/ Frame 4093 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BFz2l2kOJQGZiDnkHC6Ru_rsJMIR6iYTbUKxLFFaqIyTqUsoNS6Htk9-5lCvQRio7IOGWGXlH1H-o41qHySpyUtfAN3_3DvUyYE8MeDAQCGuKLjZ9bC-T6of2lpbKYxkA7jLpl48djTU4iuqTMWVFxVzMFLonVAo7dySRC0UoGH4L5DaSMCQzZjRyA37QYIzPC-9uH5QOTWPSACcDaQGyRVRmGSGDQrl2_F0LeEgUJSqlVpQlN3Q1e5cvZ6LdHY4kLqHqw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4093 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4093 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
usr
usr.navdmp.com/ 		77 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786b5fdbb186450cd83c1c2ba7eeeaccb746c6704b59b1506f9a7c12c5194500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
public
date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
81c652c91a3837ca-FRA
expires
Fri, 27 Oct 2023 00:01:49 GMT
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame C45C 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
109120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 16:43:09 GMT
f5f880bd7ac3f28dd13a.js
sdk.mrf.io/statics/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/f5f880bd7ac3f28dd13a.js
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/compass-multimedia-sdk.js?version=776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b44a995a7707fe6599af49e2702b429f8f13495db37ad27b32f7768ad4b0e594

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
br
via
1.1 46d5c1a4d1e3a5c8a14bdb9b6676ba10.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR61-C1
age
3408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
15
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 26 Oct 2023 06:39:19 GMT
server
cloudflare
etag
W/"15ead7903f78875f0a05f6e96d47f862"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
timing-allow-origin
*
cf-ray
81c652c93db7371a-FRA
x-amz-cf-id
hrIYwtvI_uqiqlEQ6XJnCBo_9hqnyL8YjFaiT-6bLDvQ71ud3fMRjg==
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 3951 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Thu, 26 Oct 2023 23:16:49 GMT
map
bcp.crwdcntrl.net/6/ Frame 3951 		60 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.64.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-64-164.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
36321d70bbacd5eecd09163f19142f2d67932d40c963f02aaf9a094193af197a

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.29.166
access-control-allow-credentials
true
content-length
60
expires
0
montserrat-400.css
static.criteo.net/design/googlefont/montserrat/ Frame 4093 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-675"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 4093 		682 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-2aa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 4093 		682 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 14:04:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef6-2aa"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:49 GMT
login-callback.ghtml
oglobo.globo.com/ Frame E9B7
Redirect Chain
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=oglobo%40apps.globoid&redirect_uri=https%3A%2F%2Foglobo.globo.com%2Flogin-callback.ghtml&state=9eb49457-4905-4c93-8...
  • https://oglobo.globo.com/login-callback.ghtml
345 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://oglobo.globo.com/login-callback.ghtml
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.244 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
244
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 23:01:50 GMT
expires
Thu, 26 Oct 2023 23:02:00 GMT
show-page-version
0
vary
X-Forwarded-Proto, User-Agent, Accept-Encoding
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
1091045 cmad06lx29ca02.globoi.com
x-cache-status
HIT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-location-rule
show_services
x-mobile
desktop
x-request-id
93b212af-b0f0-4ebe-a660-ec3a246b5110
x-served-from
oglobo-router-gcp, Show Services GCP
x-thanos
0A80FC0D
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Thu, 26 Oct 2023 23:01:49 GMT
location
https://oglobo.globo.com/login-callback.ghtml#error=login_required&state=9eb49457-4905-4c93-8c28-655c5f373b85
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=406410932&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dp=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Cobertura_API_Sem&el=SemClientId&_u=aCDAgEABAAQCACAGK~&jid=275014568&gjid=1212391232&cid=233865381.1698361305&tid=UA-51216819-1&_gid=915941492.1698361310&_slc=1&gtm=45He3ap0n71P4R423v6920778&cd1=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&cd4=20231019&cd5=7&cd6=&cd7=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd8=&cd9=materia&cd10=Sim&cd11=9&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=233865381.1698361305&cd60=N%C3%A3o&cd61=&cd82=responsivo&cd83=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd90=18f04047-0e59-47f0-8b68-d4ded7eb4723&gcd=11l1l1l1l1&z=2056535698
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51216819-1&cid=233865381.1698361305&jid=275014568&gjid=1212391232&_gid=915941492.1698361310&_u=aCDAgEABAAQCAGAGKAC~&z=1034107083
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=406410932&t=pageview&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dp=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiEABBAQCAGAGKAC~&jid=1547055880&gjid=228128157&cid=233865381.1698361305&tid=UA-51216819-16&_gid=915941492.1698361310&_slc=1&gtm=45He3ap0n71P4R423v6920778&cd4=20231019&cd5=7&cd6=&cd7=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd8=&cd9=materia&cd10=Sim&cd11=responsivo&cd12=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&cd45=(direto%2Findefinido)&cd46=viral&cd52=233865381.1698361305&cd60=N%C3%A3o&cd61=&cd82=9&cd83=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd90=18f04047-0e59-47f0-8b68-d4ded7eb4723&gcd=11l1l1l1l1&cd3=&cd47=0&cd84=&z=348068857
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51216819-16&cid=233865381.1698361305&jid=1547055880&gjid=228128157&_gid=915941492.1698361310&_u=aCDAiEABBAQCAGAGKAC~&z=854065094
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=406410932&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=beforeBrowserEvent&el=Before%20browser%20event&_u=6CDACEABBAQCAGAGKAC~&jid=964261623&gjid=1202333725&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&_r=1&_slc=1&z=1564798653
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dp=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=og_footer_semcookie_agosto23&_u=aCDAiEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-51216819-1&_gid=915941492.1698361310&gtm=45He3ap0n71P4R423v6920778&cd1=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&cd4=20231019&cd5=7&cd6=&cd7=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd8=&cd9=materia&cd10=Sim&cd11=9&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=233865381.1698361305&cd60=N%C3%A3o&cd61=&cd82=responsivo&cd83=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd90=18f04047-0e59-47f0-8b68-d4ded7eb4723&gcd=11l1l1l1l1&z=2039342091
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dp=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Exibicao%20Register&el=og_register_semcookie_cadastro_tst_U&_u=aCDAiEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-51216819-1&_gid=915941492.1698361310&gtm=45He3ap0n71P4R423v6920778&cd1=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&cd4=20231019&cd5=7&cd6=&cd7=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd8=&cd9=materia&cd10=Sim&cd11=9&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=233865381.1698361305&cd60=N%C3%A3o&cd61=&cd82=responsivo&cd83=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd90=18f04047-0e59-47f0-8b68-d4ded7eb4723&gcd=11l1l1l1l1&z=1767135563
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=1&_s=2&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6CDACEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&z=224618319
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=1&_s=3&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=setResponseVariable&el=Set%20response%20variable&_u=6CDACEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&z=1629340321
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=1&_s=4&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=6CDACEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&z=2137082338
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=1&_s=5&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meterActive&el=Meter%20active&_u=6CDACEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&z=1243367960
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=1&_s=6&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=setResponseVariable&el=Set%20response%20variable&_u=6CDACEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&z=207941892
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=1&_s=7&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showTemplate&el=Show%20template&_u=6CDACEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-54312464-7&_gid=915941492.1698361310&z=1440897003
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=event&ni=0&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dp=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=botao%20-%20logado_exass_barr%20-%20oferta%20-%20og_botao_topo_semcookie_agosto23&_u=6CDAiEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&tid=UA-51216819-1&_gid=915941492.1698361310&gtm=45He3ap0n71P4R423v6920778&cd1=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&cd4=20231019&cd5=7&cd6=&cd7=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd8=&cd9=materia&cd10=Sim&cd11=9&cd12=&cd45=(direto%2Findefinido)&cd46=viral&cd52=233865381.1698361305&cd60=N%C3%A3o&cd61=&cd82=responsivo&cd83=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd90=18f04047-0e59-47f0-8b68-d4ded7eb4723&gcd=11l1l1l1l1&z=341913265
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 4093 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-5c1c"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:50 GMT
lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 4093 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:04:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391eef5-5a00"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:50 GMT
recirculation.php
events.newsroom.bi/ 		12 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation.php
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
12
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 3951 		190 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-convex-float1.dotomi.com
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Thu, 26 Oct 2023 23:31:49 GMT
selected-alternatives
globo-ab.globo.com/v2/ 		309 B
700 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.229.95.34.bc.googleusercontent.com
Software
/
Resource Hash
e7934d040a6689c6bc27d34ffc89b2eee370941e271d005072fe31bb650bea16
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
strict-transport-security
max-age=300; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
trace-id
abd50aa649780290
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
montserrat-400-latin.woff2
static.criteo.net/design/googlefont/montserrat/ Frame 4093 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/montserrat/montserrat-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/montserrat/montserrat-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:06:54 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391ef7e-31a4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 20 Oct 2024 23:01:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3951 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1RDGT1ef9I_xQH4fYePn8u-GGJMBH2CMuvXQ7RVKXpcLt2oZzrh0RpKMw0tkD2NglT99sc1rGqIkegdMSggdwLxjIx6mmSCk4A0hO9v8coyi3dLjTwA5QmM5yUKJJDUIc8aKOMRAvpcdRWY9JBe-4tYa-8JuXKSTgm0doriywMfxpisxzRP-yD_wk4ac-rSt0-BLysBLKiek4C2nxaB9Ki6co_wHTgQCs3Pqav_HbEUyY8_KkQkFEIak_P6iI4TPdGFLaBfwseWCofbJ_rS3lAfsbnMEix6db13cv7pnc7sxHaBzhcfzdSOSD0srb_FewZlmM20SM065EW8iVJ0hc0qzGW8QfHIxjcDRtr__Nrkl1aeURx5teFOVWdTBpm4_Szo_S&sai=AMfl-YQE9JffYDyWQV8okQ0mWVSBCB6YtIKyJRIkF9A70zY-F7lBcblLStlmrMhMr7d9LQ-dOlxqrVB7f0uPmq9mar220PJiGz46p9a4879AhncyZ08qWfZ805JQ6MA7dw&sig=Cg0ArKJSzHHZaO2tfW5wEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 26 Oct 2023 23:01:49 GMT
/
targeting.voxus.com.br/v/ 		7 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.com.br/v/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.29.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047161f5db1dae5ba25f3619620d4158ad402001c42228fc757a2559638454dc

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 26 Oct 2023 19:14:16 GMT
server
cloudflare
content-type
text/html
access-control-allow-origin
*
cf-ray
81c652cd6a704d8a-FRA
access-control-allow-headers
sentry-trace
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 3951 		230 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-232-182.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:49 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 16:10:16 GMT
server
Apache
etag
"3965e-607ffe0078239-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67642
expires
Thu, 26 Oct 2023 23:16:49 GMT
req
cdn.navdmp.com/ 		6 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=138a3db9a43357b25c2226fef610&acc=13574&url=https%3A//oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&tit=Cidade%20da%20Pol%EDcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%E1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&h1=Cidade%20da%20Pol%EDcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%E1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.14.243 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
81c652cb4bce37ca-FRA
content-length
6
content-type
application/x-javascript
usermatch.gif
beacon.krxd.net/ 		0
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=138a3db9a43357b25c2226fef610
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
beacon-n002-dub-prod.krxd.net
date
Thu, 26 Oct 2023 23:01:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1698361310
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
x-openstack-request-id
tx27b782a16c6947e38482a-00653aef5e
last-modified
Tue, 27 Jun 2023 00:08:13 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1687824492.72874
cache-control
public, max-age=180
x-trans-id
tx27b782a16c6947e38482a-00653aef5e
x-request-id
26dbf4de-9610-4b8f-84c1-82df96c489d7
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=406410932&t=pageview&_s=1&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dp=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&ul=en-us&de=UTF-8&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6CDAiEABBAQCAGAGKAC~&jid=&gjid=&cid=233865381.1698361305&uid=38105120137109138254&tid=UA-51216819-1&_gid=915941492.1698361310&gtm=45He3ap0n71P4R423v6920778&cd1=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&cd4=20231019&cd5=7&cd6=&cd7=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd8=&cd9=materia&cd10=Sim&cd11=9&cd12=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd45=(direto%2Findefinido)&cd46=viral&cd52=233865381.1698361305&cd60=N%C3%A3o&cd61=&cd77=38105120137109138254&cd78=anonymous&cd82=responsivo&cd83=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&cd90=18f04047-0e59-47f0-8b68-d4ded7eb4723&gcd=11l1l1l1l1&cd3=&cd47=0&cd49=Rio&z=995929433
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 20:46:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8103
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/f5f880bd7ac3f28dd13a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
ESF /
Resource Hash
71eda1dba82909d574153cd9f4e2759d44d342b983aa96295f9dff5cc1e64d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 26 Oct 2023 23:01:50 GMT
json
trc.taboola.com/editoraglobo-oglobo/trc/3/ 		66 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?llvl=2&tim=01%3A01%3A50.096&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A2%2C%22id%22%3A%2210859%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1698361310082%2C%22cv%22%3A%2220231026-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%2C%22qs%22%3A%22%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%2C%22vpi%22%3A%22%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A9961%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cd%22%3A6838.44%2C%22mw%22%3A648%7D%5D%2C%22rtui%22%3A%22VxpFCzoBenyM9Nkcj6mBcB1SNTWGMynJ%22%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1698330613545%2C%22wc%22%3Atrue%7D
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca33220ac36e8d7bcf66167ba84a0c8780cacbaa0956ee8d80fb4a1b8591fd72

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
529
date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.45416666666666666
x-fastly-to-nlb-rtt
93369
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230108-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1698361310.113643,VS0,VE529
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pxid
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
3803d2015642be1938493a1607e9d96ae77f95edbbea1f4e5b077888b70f97f7

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		11 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
an-x-request-uuid
41d20e1e-710e-4458-9af9-94090c132141
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51216819-1&cid=233865381.1698361305&jid=275014568&_u=aCDAgEABAAQCAGAGKAC~&z=1338551412
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51216819-1&cid=233865381.1698361305&jid=275014568&_u=aCDAgEABAAQCAGAGKAC~&z=1338551412
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51216819-16&cid=233865381.1698361305&jid=1547055880&_u=aCDAiEABBAQCAGAGKAC~&z=1880300958
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51216819-16&cid=233865381.1698361305&jid=1547055880&_u=aCDAiEABBAQCAGAGKAC~&z=1880300958
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b9298bf0-9de3-499e-8960-0fe52049f41c
https://oglobo.globo.com/ 		811 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://oglobo.globo.com/b9298bf0-9de3-499e-8960-0fe52049f41c
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09cec2de6f7dbe62bdaca938b78b08072f6b5723179950584930b1e21733a5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
830768
Content-Type
adview
securepubads.g.doubleclick.net/pagead/ Frame 6405 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTDaf2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIYDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNRUY-Yx1DPihtFGVVc7RjYPNZPjuxFcc5sGs9cuxjMbIg89FU21k4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODgyODU4NzE0OTQ3MzQzNxjh8yA&sigh=fHv7JcMyBGM&uach_m=[UACH]&cid=CAQSOwDICaaNCjAcAiwxBsQZVFEOLiRQGJpVGP_7vedICp_Bw_nGWjV6j0rIMyZHrVY8atqLrnjD2Kr67_FBGAE&cbvp=2&vis=1
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6405 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k8W0FOv_CsoH-gGdg2ICAgAAAEv2DEX3AEGzPQQyHoGxGYkQ2u86ZTESCiRnDLZHQB0AABIAAAoKQVFVQkR3RUJEdw&wp=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&cbvp=2
Requested by
Host: c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
150180
server
Kestrel
content-length
0
callback.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame E9B7 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/login-callback.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
x-openstack-request-id
tx0ab1ec2a4b9a4d2fb6c16-00653aef69
last-modified
Thu, 01 Apr 2021 19:16:32 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/html
x-timestamp
1617304591.88878
cache-control
public, max-age=180
x-trans-id
tx0ab1ec2a4b9a4d2fb6c16-00653aef69
x-request-id
8937c2ff-006c-4678-96c0-0e50dd2913c4
84957a24-e26b-45e9-852b-4d3f89a9ffb3
https://oglobo.globo.com/ 		811 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://oglobo.globo.com/84957a24-e26b-45e9-852b-4d3f89a9ffb3
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09cec2de6f7dbe62bdaca938b78b08072f6b5723179950584930b1e21733a5b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length
830768
Content-Type
geoip
api.permutive.com/v2.0/ 		263 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
240b8cad9e591f690ab9f22cf725f5e866db19653c3002040631ff2d7179b935

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171
d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
cdn.permutive.com/models/v2/ 		149 KB
105 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.119.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b5a3f253130a33c87aaa474c8f349ccbfdc46217ee2daf7551303ec68ce2de

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ABPtcPqMh5_QLAWq-HKXWo9nOwZ_sDDZzq4J4c7fniFOac-KsFYdBrwtvxxXq0pn8J2exIZPtqQZatPZvucwtfQnf3omoYRS0DTY
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
107106
last-modified
Wed, 25 Oct 2023 19:05:25 GMT
server
cloudflare
etag
"d025ccf09eaee5a3319bce3fcca31a8b"
vary
Accept-Encoding
x-goog-generation
1698260725946997
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=PmqPWg==, md5=0CXM8J6u5aMxm84/zKMaiw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
107106
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81c652d048394d56-FRA
expires
Thu, 26 Oct 2023 23:01:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6405 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTlMn26Ij930Djh0cWenCxmTdnhg2XRIz0MEvcWi99wvqK4XdqTju2kJ_2mLdNkya2T52-Rw7NdYVNpVE6LNLVFkuVhMksfEWU67E&sig=Cg0ArKJSzAeSfzK3Up9BEAE&id=lidar2&mcvt=1042&p=142,315,392,1285&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20231025&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3937151956&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698361308248&rpt=1113&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oglobo
horizon-track.globo.com/event/ 		0
364 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/oglobo
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryxpnGYeGUQGo7VZYh

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length
0
identify
api.permutive.com/v2.0/ 		50 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
60e565d7b4541cd40d442e527af43d1dcf8e69b7ab833dfb8b769ccd137dae82

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
www-widgetapi.js
www.youtube.com/s/player/96163992/www-widgetapi.vflset/ 		213 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/96163992/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
sffe /
Resource Hash
0905f8d2dbf6c1d887bef1a7ab12eb7a561773304079cd230ecb527bb2a74e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:41:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67324
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 01:51:05 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 25 Oct 2024 22:41:45 GMT
generate_204
tpc.googlesyndication.com/ Frame C45C 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yImBmQ
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1012409.js
targeting.voxus.com.br/clients/ 		47 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.com.br/clients/1012409.js?v=2005800
Requested by
Host: cdn.targeting.voxus.com.br
URL: https://cdn.targeting.voxus.com.br/101240.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.29.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ee1c89f35280a59e607e8bb87e34ff7598381b18ce9a1e101a444f9b3fab07c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 26 Oct 2023 19:12:15 GMT
server
cloudflare
age
13775
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=15552000
accept-ranges
bytes
cf-ray
81c652cee87a365b-FRA
access-control-allow-headers
sentry-trace
content-length
11270
expires
Sat, 25 Nov 2023 19:08:38 GMT
all
csm.eu.criteo.net/ Frame 4093 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BFz2l2kOJQGZiDnkHC6Ru_rsJMIR6iYTbUKxLFFaqIyTqUsoNS6Htk9-5lCvQRio7IOGWGXlH1H-o41qHySpyUtfAN3_3DvUyYE8MeDAQCGuKLjZ9bC-T6of2lpbKYxkA7jLpl48djTU4iuqTMWVFxVzMFLonVAo7dySRC0UoGH4L5DaSMCQzZjRyA37QYIzPC-9uH5QOTWPSACcDaQGyRVRmGSGDQrl2_F0LeEgUJSqlVpQlN3Q1e5cvZ6LdHY4kLqHqw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e24b1ae75f0f3a77ef410bf8b538a7a4a27946f3c152c772f31ee4712940f8db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12307
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 06:11:39 GMT
content-encoding
gzip
age
60611
x-guploader-uploadid
ABPtcPrEy-Gr_uan2LEwSdC1KKzrc7oszdUsS5SW9_g2x11tlu0a56vV6xg4SJvR9DNyvJL4twpdm26swfD6p1a5rDSqZUsxaENd
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6116
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash
crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation
1694696370171925
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6116
accept-ranges
bytes
expires
Fri, 27 Oct 2023 06:11:39 GMT
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
pub-6775984018762070
fundingchoicesmessages.google.com/i/ 		158 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-6775984018762070?ers=1
Requested by
Host: oglobo.globo.com
URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
96fe81fb6eecc4b876c31782224b5ebbac1ee7b20431e9ac1f218c8e8904a430
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JTj5dz-sMA1E_ECsa-e4Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-JTj5dz-sMA1E_ECsa-e4Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		14 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:50 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 26 Oct 2023 23:01:50 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
742
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1698361311.801925,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
74
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1299
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
11869
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698361311.801240,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
49
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
10617
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
M4SP5ZB80QM7DHQP
age
15211
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
27s1ZzL8grOAJHrzyGAagzwa4QLcFiyx8paeutTC1SOQfkmrt1WACjA/9B+yApzfDtcrskytcvQ=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1698361311.801560,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
67
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
26653
debug
ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20native-thumbs-feed-01-x&lt=trecs&tvi2=10405&tim=01%3A01%3A50.794&id=41022&cv=20231026-7-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
96045
debug
ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20thumbs-feed-01-pb&lt=trecs&tvi2=10405&tim=01%3A01%3A50.794&id=46526&cv=20231026-7-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
96045
debug
ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20native-thumbs-feed-01-x&lt=trecs&tvi2=10405&tim=01%3A01%3A50.794&id=61694&cv=20231026-7-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
96045
debug
ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 		0
129 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?type=warn&msg=Placement%20doesn%27t%20have%20Publisher%20Mode%20Config%3A%20thumbs-feed-01-pb&lt=trecs&tvi2=10405&tim=01%3A01%3A50.794&id=7612&cv=20231026-7-RELEASE&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
96045
social
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF%22%2C%22sec%22%3A%22oglobo%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-oglobo.glbimg.com%2FfmAqMpRZI8rB936-0u8oDJ28vZ4%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2023%2FB%2Fa%2FXSu2nSQEe2hGS4B4Q1Ng%2Fwhatsapp-image-2023-10-19-at-09.12.36.jpeg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.9/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed1923c11bbc7476e5d70e84dc04a17d81d54a919c355280da0e3bd7b7697040

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
393160
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34868
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Sun, 22 Oct 2023 09:47:11 GMT
server
AmazonS3
x-timer
S1698361311.845857,VS0,VE0
etag
"aca69b0d8a163689f4017d7409a9540b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hG3APEhuTsF51RDEmG1m0WBZYhWnTE80eIfU-lFuqgb9Jaswh9Txkw==
x-cache-hits
63424
feed-card-placeholder.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46b36688d913ee22f8ae0e3add7ae6d518f60329904d11590a8d85fa77bf7c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
VHqP2ddtriWZn.P6xSebKsxVQyjeTCFg
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
5YV178YCBC3N43BR
age
10521
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1261
x-amz-id-2
tk2UsC++DqHga747zr0vGZ32yoFZWDIx5fl+GptjxNkh39zGU2YhND0dHOS0DAMP2JNacuEP4GI=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:30 GMT
server
AmazonS3
x-timer
S1698361311.851602,VS0,VE0
etag
"06fd0dc1ead4fc700fbde1cb44824014"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14734
distance-from-article.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6097be854240d73a3a5ea3bd0e43bcff0ba27eede5affa3f4f027622a41bb793

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
slADO0AgCBObZFbFd2pAJUO7WhCYQFLq
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
3308FT8V4VBX3SQM
age
10526
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
6TByG6o/dP/25fv1wVnssYdUCW/5Qc/Ylx4UvDv4l3Vk5rSnUvb52RZl42QxtsfJZRarnyd5nzY=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:25 GMT
server
AmazonS3
x-timer
S1698361311.868303,VS0,VE0
etag
"c95a4cbf865ab8c3fa3dc5e77948b1d1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15934
article-detection.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c970fcaf36ed76bf570e31aa2b9a98dc065f8dafab887b38f497f9e556dbd46c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
x29ymClACZP62xsLxqYs1ZvLUle.FQ8Y
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
X2J2QCP29HYEX0AZ
age
10532
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
0vS3B+446stpsFiWVcAOAgvtTdznz0tZp6fOayvVyw3mVEMGUoy8MqSGau2l+yRLDBhFjwaRPPk=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:19 GMT
server
AmazonS3
x-timer
S1698361311.868293,VS0,VE0
etag
"0a5699b18daf374bc8e1c70f920582de"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
2
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15939
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
591 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
E3AZC9C3RNMT7TAB
age
16882
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
7GZ+sOJMZytvI85qNq1s4HZBV8yo2ArZjQCAUuLZ4xZmPUNYQIVsHU15o/nGvg2tb0iE/DYhCa0=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1698361311.871229,VS0,VE0
etag
"1802e318f880ad7e5c7030e9da649cf6"
vary
Accept-Encoding
content-type
text/css
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12
userx.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a74f52aca33eb80cffcf22d4c1715cc9ac93e00dfafed8b283a5583fc1b9a45f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
ElMrmNcuhMBQQnowW4G0FCID.eIky5OS
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
E769Z154VMZ73WJV
age
10494
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
dHtI20bjAuLZm4h5y5TNIeJTwu+1awl+7kLqDTBIHCn+EREqLPdYXkidx45Yu+XcX2uVO4m66p4=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:57 GMT
server
AmazonS3
x-timer
S1698361311.889308,VS0,VE0
etag
"60d7314620fe91cb54ccdc407a03979e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2155
explore-more.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7e740a0060b5040bbcf90ef68aa4392624e02637103c5445b6934472e339fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
TDmAKgAed7tknySweMc9z4Z_zREm.oSe
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
J3QK4K67NXA2H0EX
age
10522
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
z+4gTArpckD8MqcRbLelBah9bPIofk/i6fhb7QUwOYtXEklaMJ8fmISBSHSU+BPfOIZyzIf7aLk=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:28 GMT
server
AmazonS3
x-timer
S1698361311.889292,VS0,VE0
etag
"485df834378059defe92b079d26c618f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8033
feed-view.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-view.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c0516fcafa00527111c76221395af43ae0768f44f7b7b87e594212bc7da1214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
X83FMjF4ZyVJYDKyaRB.NjCjxCGIVhHu
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
616GWSGH113YFVTR
age
10518
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6562
x-amz-id-2
5uVNG3juA7+H0PZdKfjvB0/VaQC4NBKqo23qAG2Bw+OQfgIBTDKYgsYAysyhChdSFE0TPR7Zu1A=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:33 GMT
server
AmazonS3
x-timer
S1698361311.889287,VS0,VE0
etag
"3fd635bcfbdf3dda383226fa106c18c5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7401
abtests
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/abtests?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698361310870%7D&tim=01%3A01%3A50.871&id=7542&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A01%3A50.879&id=2523&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:50 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
66
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1698361311.916774,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
11
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
30
abtests
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/abtests?route=US%3ACH%3AV&lti=trecs&tvi2=10405&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&tim=01%3A01%3A50.803&id=78366&llvl=2&cv=20231026-7-RELEASE&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22brsd%22%2C%22type%22%3A%7B%22esv%22%3A%22ES2021%22%2C%22c%22%3Atrue%2C%22ss%22%3Atrue%2C%22ls%22%3Atrue%7D%2C%22eventTime%22%3A1698361310803%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 23:01:50 GMT
social
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF%22%2C%22sec%22%3A%22oglobo%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-oglobo.glbimg.com%2FfmAqMpRZI8rB936-0u8oDJ28vZ4%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_da025474c0c44edd99332dddb09cabe8%2Finternal_photos%2Fbs%2F2023%2FB%2Fa%2FXSu2nSQEe2hGS4B4Q1Ng%2Fwhatsapp-image-2023-10-19-at-09.12.36.jpeg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A01%3A50.932&id=8840&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 6502
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZTrv38Co8XsAAAS.nrkAAAAA
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZTrv38Co8XsAAAS.nrkAAAAA
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17366

Redirect headers

X-SO-Cluster-ID
0
Date
Thu, 26 Oct 2023 23:01:51 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZTrv38Co8XsAAAS.nrkAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad85"}
X-SO-Key
ZTrv38Co8XsAAAS.nrkAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad85
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZTrv38Co8XsAAAS.nrkAAAAA
Cache-Control
private
X-SO-HostName
m-ad85.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-IP
176.115.237.224
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=fe55e536d3734bb6a9...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=fe55e536d3734bb6a9bde133abe07ccb
0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=fe55e536d3734bb6a9bde133abe07ccb
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7917

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=fe55e536d3734bb6a9bde133abe07ccb
date
Thu, 26 Oct 2023 23:01:51 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 6502 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:50 GMT
content-length
0
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8
0
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7917

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15405

Redirect headers

date
Thu, 26 Oct 2023 23:01:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
content-length
0
/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://trace.mediago.io/ju/cs/taboola
  • https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab349791394c2rm23000lo7sh2x1
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab349791394c2rm23000lo7sh2x1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16459

Redirect headers

date
Thu, 26 Oct 2023 23:01:51 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=2a46ab349791394c2rm23000lo7sh2x1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIrNP9zE8Hg92VhdUt1i-BA&google_cver=1
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIrNP9zE8Hg92VhdUt1i-BA&google_cver=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
7917

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEIrNP9zE8Hg92VhdUt1i-BA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
101956
jadserve.postrelease.com/dmp/ Frame 6502 		43 B
533 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/dmp/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.133.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-133-143.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6502 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e:$UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 6502
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
8764
generic
match.adsrvr.org/track/cmf/ Frame 6502 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
rtset
bh.contextweb.com/bh/ Frame 6502 		49 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdf9fc9cc-g6hfm
expires
-1
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%...
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&gdpr_consent=&us_privacy=
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11898

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
630295
content-length
0
expires
Thu, 26 Oct 2023 00:00:00 GMT
9.gif
id5-sync.com/s/464/ Frame 6502 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/464/9.gif?puid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 26 Oct 2023 23:01:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
sync
x.bidswitch.net/ Frame 6502
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=taboola&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=taboola&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Protocol
H2
Server
52.28.245.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-245-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=taboola&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Date
Thu, 26 Oct 2023 23:01:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 6502
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b2669404-b33d-4820-b9ef-bbd57d6337f4
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b2669404-b33d-4820-b9ef-bbd57d6337f4&tbid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&query=taboola_hm%3Db2669404-b33d-...
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b2669404-b33d-4820-b9ef-bbd57d6337f4&tbid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&query=taboola_hm%3Db2669404-b33d-4820-b9ef-bbd57d6337f4&isDirect=0
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 26 Oct 2023 23:01:51 GMT
via
1.1 varnish
server
nginx
x-timer
S1698361311.347732,VS0,VE197
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-eddf8230108-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b2669404-b33d-4820-b9ef-bbd57d6337f4&tbid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&query=taboola_hm%3Db2669404-b33d-4820-b9ef-bbd57d6337f4&isDirect=0
date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11898
xuid
eb2.3lift.com/ Frame 6502
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 6502
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dd205a8a-d20b-4860-904a-85e231b681ea
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dd205a8a-d20b-4860-904a-85e231b681ea
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12255

Redirect headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=dd205a8a-d20b-4860-904a-85e231b681ea
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6502 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=121&0&&us_privacy=&redir=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:50 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 10:07:01 GMT
content-encoding
gzip
age
46490
x-guploader-uploadid
ABPtcPp4xD82cMNgQ2Og_CWXsgvs_Qt9Xw9ReoMfVm4dIPg_4drcndmhuN7zVuuAQEMf9D8lQNxvu9VrWCUaGXwPO9RC
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8334
last-modified
Thu, 14 Sep 2023 12:59:30 GMT
server
UploadServer
etag
"20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash
crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation
1694696370056280
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8334
accept-ranges
bytes
expires
Fri, 27 Oct 2023 10:07:01 GMT
trk
tt-12842-2.seg.t.tailtarget.com/ 		70 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tt-12842-2.seg.t.tailtarget.com/trk?tA=TT-12842-2&tJ=_channel:ig-oglobo:1&tK=1698361311&tM=direct&tL=direct&tN=direct&tY=3&tZ=675449089
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
player.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 		2 MB
601 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6de06ffd6235f73dfd076ab1d78cbd035d16e7824c6ad5e7752abf37995fdab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
x-openstack-request-id
tx31aea74b507f491a92779-00653a674d
last-modified
Wed, 25 Oct 2023 13:17:58 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
x-object-meta-mtime
1698177000.000000
content-type
application/javascript
x-timestamp
1698239877.64298
cache-control
public, max-age=86400
x-trans-id
tx31aea74b507f491a92779-00653a674d
x-request-id
f4101fd5-9094-47b9-9ee1-42424993aced
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8AC7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20771
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:15:40 GMT
expires
Fri, 25 Oct 2024 17:15:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B9D3 		829 B
792 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f4.1e100.net
Software
GSE /
Resource Hash
0ebfa34d722a9d1feadeb94df85dc11ccdf53a7ca5a4bc73caa9eadbac148c6e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-M1V_qNy1EeQ23UnoIfnBxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-M1V_qNy1EeQ23UnoIfnBxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:51 GMT
expires
Thu, 26 Oct 2023 23:01:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
pips.taboola.com/ 		4 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230105-FRA
date
Thu, 26 Oct 2023 23:01:51 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
supply-feature
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22358.90625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A01%3A51.192&id=4957&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
css2
fonts.googleapis.com/ 		20 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231026-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 22:58:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Oct 2023 23:01:51 GMT
spa-detector.20231026-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231026-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6df9e3b25ec20f5fb1a67ff4247474f9f84294628eec6081bc0e1c1e2a5001a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
HXY8..GwhS3LYAWoHPZPg8jIGh2cPk2C
content-encoding
gzip
via
1.1 varnish
date
Thu, 26 Oct 2023 23:01:51 GMT
x-amz-request-id
2R7DMD83KMAY0TNZ
age
10507
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
0wq9x/Az78gXwx8nsmA72MHs5bQY4jBESZmoXPNIHajAJWzZWD029lxvjr1s5uYOaeFpdTCvfXo=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 20:06:44 GMT
server
AmazonS3
x-timer
S1698361311.239474,VS0,VE0
etag
"ae4f5d124cb46c388286a1cf8ace5176"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
67
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8225
supply-feature
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A01%3A51.210&id=4385&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/supply-feature?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=01%3A01%3A51.231&id=1891&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/abtests?route=US:CH:V&tvi2=10405&tvi48=-48&tvi50=13328&lti=trecs&ri=083a154ffa91a52190d720c27243e453&sd=v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE&ui=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&pi=/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&wi=-7249368074386415809&pt=text&vi=1698361310082&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1698361311231%7D&tim=01%3A01%3A51.232&id=4863&llvl=2&cv=20231026-7-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
syncframe
gum.criteo.com/ Frame 27E8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=oglobo.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:51 GMT
server
Kestrel
server-processing-duration-in-ticks
706251
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 27 Oct 2023 23:01:51 GMT
u
b.t.tailtarget.com/ 		72 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_ttGlobo
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
5f536639638b01c81ed4348bfb05dbdd648a306823a4e39399fb5569f44a5ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e&mbl=ZmFsc2U=
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-store
server
nginx
st
imprchmp.taboola.com/ Frame 9CD7 		577 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&cmcv=&pix=undefined&cb=1698361311508&uv=142387208&tms=1698361311508&abt=AdUnit2ESM_vB!adxLoadDist7-out_vA!adxsub-out_vA!adxsub-out_vB!esv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=c80677fa-a08e-4fbf-aaab-bb1f0fe4cdc6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
deff6cb1d322776b0236f3c94e075ba8d2f6699058433479943b051fe7c303f7

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 26 Oct 2023 23:01:51 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230108-FRA
x-timer
S1698361312.527216,VS0,VE189
sync
ch-match.taboola.com/ Frame B8DE 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
deff6cb1d322776b0236f3c94e075ba8d2f6699058433479943b051fe7c303f7

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 26 Oct 2023 23:01:51 GMT
machineid
3802
server
nginx
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/142387_208/infra/ 		811 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/142387_208/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1965c07b93028ee4a07369a701035378b87d01874bed6d5a76f2c00d70670412

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime
1698334312
date
Thu, 26 Oct 2023 23:01:51 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
CNVG75PJG78TH11E
age
26912
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698334313
x-amz-meta-mode
33188
content-length
135221
x-amz-id-2
ipH7/rMhQKfDNJbwBt8SdiqYeuDFEll8Dg52TBLYs+O4LujQ2xf7+Pi0hCUxly8rlpyUveru6eM=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Thu, 26 Oct 2023 15:31:54 GMT
server
AmazonS3-br
x-timer
S1698361312.535111,VS0,VE0
etag
"fff52b69fc320e8e6e0b79554e9f6cfa"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
39
cmOsUnit.css
vidstat.taboola.com/vpaid/units/142387_208/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/142387_208/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime
1698334322
date
Thu, 26 Oct 2023 23:01:51 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
C86FPKT45W50K4XB
age
26911
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698334323
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
lshzanVV51xhLzYRYNMMbV6/ae+lIRXBfUtcujC2WMMsV0EMqQPQCpi5CfA9e+kzZ3xGxPK5O5E=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Thu, 26 Oct 2023 15:32:04 GMT
server
AmazonS3-br
x-timer
S1698361312.535118,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
2719
st
ch-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ch-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&cmcv=&pix=31589837&cb=1698361311508&uv=142387208&tms=1698361311508&abt=AdUnit2ESM_vB!adxLoadDist7-out_vA!adxsub-out_vA!adxsub-out_vB!esv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1698361301676.2!ts:1698361311508&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-length
0
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame DF86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=3342239636537992&bg=!BQalBknNAAbo5yKYyOc7ADQBe5WfOP06kShS9a8vZJdvGBEDgT1SaInkqmgXXCTsQI9Ue-YLXy11ezOk-N-QlTJRJ6vtAgAAA0ZSAAAACGgBB5kCzEtv6VPnV96QxdUu1swb_i9SLar7Nd7iFyvsww6REmLZY2rhVx7wyOfALD1hn3EuxUrR2CmRuc7Vwk0WPwRMPVs8KoCsZPbxu9pXvySa42pC7bemmJmIQTYs5nDfPugvjQHP2IMRMTi_FT8daqcGQRuUae3G46mN-om4L6jQFST4gwmGr2pVB4bS73AJvwxdF9FCDcsoak88sVzJkZXOHkjPhWbAWVW_8Tm_pxd5QCmfylNMJEq6o-0ybeBnyVYhr7VQyTkDKfNTd_MltEIbxtkMhTifPCbu-bxckPGBkJvOGnIlOWj4iIHfWeddm7tSbirS6ghki72DkKx0kie3rC9nzJwm5-jW6DgSUOifnUCBuuoD06tbcysPvQNB1sZfVoxqC89hBq3SoW4pkKQyl4kQZivs4ShP7hRaO6gxpnZX3ZKW78lT7SqdgT12K1hyDIvuVGcZTJ2VH9sWx4vvSOMdRK-oVdxtnd8HXnj7MOXtbM_220wl9zgSwHevEL6-2jJ1V81qhgFTw_1jvYTBBO5f_3MlzdOkrjLgZvXsIDdGqUCumOach3S6_qg43SUESYvfRbveA2mXyeF3GEV5avaPEP_DhfjgNcgOrdRrqFeT4pFr56oClPON22vHn1B7XQY1LECBe6m4eTRSZQ6nT7TVqyT8ZR3nB4_KpzQjIZTX55wfBjVK373-5EQF1nqGCZUiVBLGA_2dXN5a2Ygalxyu4eEaRnm4RmmKqNzqQ0yxM6zKbOWq96fQCCdif1f3jdum9OJpXA47_xXzFHNlh6eQxlZ-bGFum54IBIJD0ZtoBYoUIbswsUJ26LeEGtpb2nEMJsQyf6SH5IvoUTmcV__1XxdpoxwJB_yqqB0wIMkhIPgWAqetqBgXevP0kl26VSVNuAXZiMz8uUad73B1BbqxBXA7kjlAnot5GpXXvW_xQ9rpqvsXjeAZF_qB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gGO7pCCA7XFsoBhExz8GeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gGO7pCCA7XFsoBhExz8GeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PNWXuI_wixUW_KL1JAu68Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PNWXuI_wixUW_KL1JAu68Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU6qmyVGXVD76u8ZsbHG6IOu2VbpFQZTi9w64Ls2M7rkS1DK8tGFspTznjvqpyZSq-RH4TWHWS8ZT5ji5UH1q8lnC0fbY9f7cXG2kXcT3q21nElIerSM82y59RVB9bXL9Fo_xi26g==
fundingchoicesmessages.google.com/f/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU6qmyVGXVD76u8ZsbHG6IOu2VbpFQZTi9w64Ls2M7rkS1DK8tGFspTznjvqpyZSq-RH4TWHWS8ZT5ji5UH1q8lnC0fbY9f7cXG2kXcT3q21nElIerSM82y59RVB9bXL9Fo_xi26g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MzYxMzExLDYzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vZ2xvYm8uZ2xvYm8uY29tL3Jpby9ub3RpY2lhLzIwMjMvMTAvMTkvcGYtZS1nYWVjby1mYXplbS1vcGVyYWNhby1jb250cmEtYWdlbnRlcy1kYS1wb2xpY2lhLWNpdmlsLWUtYWR2b2dhZG8uZ2h0bWwiLG51bGwsW1s4LCJFMzJ6RkZ4aHllQSJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.E32zFFxhyeA.es5.O/am=CAM/d=1/rs=AJlcJMyK37tjtH9rl9Il12_6Ck82ia3Akw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
afa01ecd27ac63d99381cfee8202a5e4caf882c73f4ff79ccde5ecc09259011e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uL--uXorPGBtcSJ5utpZaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uL--uXorPGBtcSJ5utpZaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 27E8 		419 B
550 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=oglobo.globo.com&bundle=2pJ8J19aYVNOUG13Rms5Zlg0cDRRZm4xV1ZCQ1BLeFFhUVVtQmE0bFNoNlM2ejlUUzFjWVRSM0ViczJ0cWtNWGNFaldSdDhjbzlNRkNlUk1vT1VEQ0dOZzVYOVBDQmxkVGlMczFZQzlWJTJCY2Q3UzNYRnQlMkZlaGFtVHh5aE5lZEJ2SDhDVmt5M3VNb0k4N2FaVHVZJTJCWmNMeWsxdkElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=oglobo.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
74bf01999214f1915ad22f312308a48cbb57250574172caf0ba4d138cbd5fbc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=oglobo.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1193987
expires
0
events
api.permutive.com/v2.0/batch/ 		101 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
95fd76851af3f44e93b5d341dbbb4f5cb6eb081a2c85f27813cf118bc2e6b784

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
sodar
pagead2.googlesyndication.com/pagead/ Frame B9D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=2341082111872422&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame B8DE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame B8DE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19009

Redirect headers

date
Thu, 26 Oct 2023 23:01:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
content-length
0
index_nckv4.html
targeting.voxus.tv/a/ Frame BD31 		53 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Requested by
Host: targeting.voxus.com.br
URL: https://targeting.voxus.com.br/clients/1012409.js?v=2005800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4872436dcfca5a947a8944262130cc10acc1e8a3f53c92e912ba1bfa59b69454

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
sentry-trace
access-control-allow-origin
*
age
18276
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
81c652d99eb8194d-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Oct 2023 23:01:52 GMT
last-modified
Tue, 17 Aug 2021 20:24:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPSn%2BFaW26ribsgvW5ZxBTs6zwIiNUmy5rQ2ewYQ0MYRVxeXVexhfP39LVuWDPUJlqImXp8ZeojZ8rQyu29pELigzC%2FE2ibmH2h%2FbJGzCTWqJsCpFy5zyBWhp6FivKo8OdC2XnE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CD6D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:51 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 9CD7 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&cmcv=&pix=undefined&cb=1698361311508&uv=142387208&tms=1698361311508&abt=AdUnit2ESM_vB!adxLoadDist7-out_vA!adxsub-out_vA!adxsub-out_vB!esv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=c80677fa-a08e-4fbf-aaab-bb1f0fe4cdc6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9CD7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&cmcv=&pix=undefined&cb=1698361311508&uv=142387208&tms=1698361311508&abt=AdUnit2ESM_vB!adxLoadDist7-out_vA!adxsub-out_vA!adxsub-out_vB!esv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=c80677fa-a08e-4fbf-aaab-bb1f0fe4cdc6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprchmp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17632

Redirect headers

date
Thu, 26 Oct 2023 23:01:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
content-length
0
mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
pagead2.googlesyndication.com/bg/ Frame 8AC7 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/mSNSQAl__hw8z5PwJ1hA32amL2zkBniEArBt9BN1XWc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
sffe /
Resource Hash
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 16:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
109122
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15010
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 16:43:09 GMT
usync.html
eus.rubiconproject.com/ Frame 8E13 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: imprchmp.taboola.com
URL: https://imprchmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&cmcv=&pix=undefined&cb=1698361311508&uv=142387208&tms=1698361311508&abt=AdUnit2ESM_vB!adxLoadDist7-out_vA!adxsub-out_vA!adxsub-out_vB!esv_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=c80677fa-a08e-4fbf-aaab-bb1f0fe4cdc6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprchmp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:51 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
bulk-metrics
ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-trc-events.taboola.com/editoraglobo-oglobo/log/3/bulk-metrics?route=US%3ACH%3AV&lti=trecs&tvi2=10405&cv=20231026-7-RELEASE&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://oglobo.globo.com
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lxjH32wFhdeVAb2XJxWfPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lxjH32wFhdeVAb2XJxWfPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PfAlT8mz_gy2UBwTUyC7_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-PfAlT8mz_gy2UBwTUyC7_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
b
b.t.tailtarget.com/ 		150 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-12842-2&tY=1&tS=1&tU=0100007FDFEF3A65A306819002A50615&tX=b.52&tZ=319295298&env=_ttq_ttGlobo
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
1ff5fc550fc9f3c7fea90f8b5d2d43aaf80e5d6e9ee9202337f11314a46c03b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
usync.js
eus.rubiconproject.com/ Frame CD6D 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86036
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
usync.js
eus.rubiconproject.com/ Frame 8E13 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86036
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.6.3/ 		426 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.6.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/142387_208/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d130321a24006111462ab2cfd822f0f8b9b493d5b2240e3aa2a6b4bbe223f596

Request headers

Referer
https://oglobo.globo.com/
Origin
https://oglobo.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-meta-mtime
1698224459
date
Thu, 26 Oct 2023 23:01:52 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HS59N1HCBTMXEVA5
age
136804
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1698224472
x-amz-meta-mode
33188
content-length
82012
x-amz-id-2
7I0GIaFN7FTdXL9b9w25yhSt78+Wj4Rnq1RlV4vA8if8k0MEg+P6dAY6wtx1mi+34hZM21Z4oDo=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 25 Oct 2023 09:01:13 GMT
server
AmazonS3-br
x-timer
S1698361312.062866,VS0,VE0
etag
"08ed640b09e28c8852affd300d620a8c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
99804
sync
ch-match.taboola.com/ Frame 7123 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/142387_208/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
deff6cb1d322776b0236f3c94e075ba8d2f6699058433479943b051fe7c303f7

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 26 Oct 2023 23:01:52 GMT
machineid
3805
server
nginx
bulk
trc.taboola.com/editoraglobo-oglobo/log/3/ 		0
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-oglobo/log/3/bulk?tvi2=10405&tvi48=-48&tvi50=13328&route=US%3ACH%3AV&lti=trecs&bulkSize=8
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
190
date
Thu, 26 Oct 2023 23:01:52 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
93421
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230108-FRA
pragma
no-cache
server
nginx
x-timer
S1698361312.217959,VS0,VE190
content-type
image/gif
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://oglobo.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 26 Oct 2023 23:01:52 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
2812657
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1698361312.242574,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
254952
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&bundle=2pJ8J19aYVNOUG13Rms5Zlg0cDRRZm4xV1ZCQ1BLeFFhUVVtQmE0bFNoNlM2ejlUUzFjWVRSM0ViczJ0cWtNWGNFaldSdDhjbzlNRkNlUk1vT1VEQ0dOZzVYOVBDQmxkVGlMczFZQzlWJTJCY2Q3UzNYRnQlMkZlaGFtVHh5aE5lZEJ2SDhDVmt5M3VNb0k4N2FaVHVZJTJCWmNMeWsxdkElM0QlM0Q&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 26 Oct 2023 23:01:52 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
220782
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame 3951 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEuvAAG&gdpr=0&src=pbjs&ver=7.45.0
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ Frame 3951 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&bundle=2pJ8J19aYVNOUG13Rms5Zlg0cDRRZm4xV1ZCQ1BLeFFhUVVtQmE0bFNoNlM2ejlUUzFjWVRSM0ViczJ0cWtNWGNFaldSdDhjbzlNRkNlUk1vT1VEQ0dOZzVYOVBDQmxkVGlMczFZQzlWJTJCY2Q3UzNYRnQlMkZlaGFtVHh5aE5lZEJ2SDhDVmt5M3VNb0k4N2FaVHVZJTJCWmNMeWsxdkElM0QlM0Q&cw=1&lsw=1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
206017
expires
0
prebid
id5-sync.com/api/config/ Frame 3951 		135 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a9017f676ee4e38fc77f91af55f8b7bdcad440a5a379039cbb913f0cbe39a39c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 3951 		0
0
74387
idx.liadm.com/idex/prebid/ Frame 3951 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/74387?duid=be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh&resolve=nonId
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.225.37.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-37-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
trace-id
7bf371745191ea6c
vary
Origin
request-time
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D9B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.23.8.228 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-8-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=143912
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 26 Oct 2023 23:01:52 GMT
expires
Sat, 28 Oct 2023 15:00:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B343 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:52 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BEBD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
47147
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 26 Oct 2023 23:01:52 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
175, 313167
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230053-FRA
X-Timer
S1698361312.346601,VS0,VE0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 26 Oct 2023 23:01:52 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
17661
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230108-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698361312.402045,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
31
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6105
khaos.json
token.rubiconproject.com/ Frame CD6D 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
khaos.json
token.rubiconproject.com/ Frame 8E13 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 7123 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7123
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ch-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20694

Redirect headers

date
Thu, 26 Oct 2023 23:01:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-ru91hJJE2oSt.sb8uakKBw3ABl6PgnL2ycBFDQ--~A
content-length
0
usync.js
eus.rubiconproject.com/ Frame B343 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:52 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86035
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
rocket-loader.min.js
targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame BD31 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://targeting.voxus.tv/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: targeting.voxus.tv
URL: https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.160.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://targeting.voxus.tv/a/index_nckv4.html?12943a233&client%3DO%20Globo%26website_id%3D2057%26obj%3D238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47238b5637f41f33387ecb9ff9fb2f3e47%26type%3Dpageview
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 20 Oct 2023 18:17:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6532c42f-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zVIiqWDQ%2F6e0vgoYwaJVY2nV0tjLZIBtHa9Nc%2Fc0zbPNEyR34CFknJNk6ngdTX0LxTat3d6G16nfr5DFQan0QrCzLl5MFaafmZj2VJ2%2BjnK%2FnltDa2OBKZH6odpFKve5yN1ghY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
81c652db5851194d-FRA
expires
Sat, 28 Oct 2023 23:01:52 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
17d69d3fe3b171a29d7a763654995ae19af195c11dd285969953d8e916abb2b7

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
usync.html
eus.rubiconproject.com/ Frame A829 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by
Host: ch-match.taboola.com
URL: https://ch-match.taboola.com/sync?dast=V8r4oCLAZQSZbzp7maxBGgkiznT3M1iSsAAABgYID-AMkYB7PdbuZwKwzDlVs0s9jcCofD4pZYHDPDzGXamDy2ISAZ42C2280cboVhuHKLZhabW-FwWNwSi2NmmLlMG5PHNgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwSaoul0-Fz3er3P7Lf47Tqz3-K3a_xuv-Tp98v9pqfH6fBLBpPNXjHYK5Z7wc2tcuscLo_fLXNYX2633vCyPDwOv1vjt5suD7fC57KbXp63yOEW_M1Oj9Ph1jhtT7Nb5VaYbH-fw-S364ymt9k_s3jMTpN7yXtQCntDa-Ro9mhOu6_OZlA8fKphTbpxXo3PreEiueUAAAAA4MH___8_BAAAAIAIAAAAABIAAAAAKARU-LcgcAEAAAAAw____78GgPENAsQiB4V7mt1Ou8_0t_sDAAAAAAgAAAAAEgAFvKclAD7OZk78_________8cYoM-8kfH___9_Y6EHwIMPgAchAAAAH0PEgvjPARHur4kcrBRhBAAAAAB2rh38yCSdoGJR5f__v98KwBUAgIBFN5x99Cy6gxJvYQAAAAzGLNDD4vebHXaN3-0y__________9m_s_8oxHyWC9MI3zZE6fmFxAAYM0vIAAAG3UDAPAmAE7QMcDZbrIarY5C7IazwW4yGM5mBwAAAODO____vx6Q8ZgcnonJsBvtlguPxbdZrCyDxca52yw3lsHGsz1Geqtj1z45431ChGX2-w4KyunpMbsMoqLrbbE7nGbPQXzQMCwng2B-JmwxWk0mm-VwtlxMBsPRcDTan4FYDAdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB1G6xGQ5Gk7XGMxi5RZuZYy1xWUZryWJlc618o5lttXGLXh_TxzParVYrLxIMuNuL5GmRTgTDzcKxGs1sDudi4ZosloORbzLYWHaT0WZlWm0mYonmZJFOZJd9x2NyeCYmw260Wy48Ft9msbIMFhvnbrPcWAYbz761W2yGg9FkrfEMRm7RZuZYS1yW0VqyWNlcK99oZltt3KLXx_TxjHar1crfmC2Hm9lisxjsG7PlcDNbbBaDfYfO8F19zkbZ9pzymGTOaN-jrDkNCpfB4p0WLdLW4egzyiy3iGs1WU9fE6vQM_EaFJ6DR3Wz5qRObWQiO0-mCcfBooglgot0ojI5TX_Lw2f2W_xuvc_st_gtYonSdJFO9JKn3y_3m54ep8MvGUw2e8Vgr1juBTe3yq1zuDx-t8xhfbndesPL8vA4_G6N3266PNwKn8tuenneIodb8Dc7PU6HW-O0Pc1ulVthsv19DpPfrjOa3maLWCI4XaQT0ct4uqj_6CF2s7lisZpLNru5ZDJaJQAAAAAAAAAASzDJdBMAAAAAJ4PZrZa71TodyGA1HGxWywUg8Wep6we6kXtgRSN-12aZRAnKyPdPscYemyiT0_S3PHxmv8Xv1vvMfovfygAk3ESZbfYZQazValkDAAAQwAYAABDATTfeBIhFcf_____jAAAABMihBwAAQL8PSCluvdADV4pfQWw2k-H-AagQa7Va3W6s1WoFHJDNagIBAALwAQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ch-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:52 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame CD6D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LO7SGZG3-9-JCJ8
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19088

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3D9B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34405002&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e021b9a406f77024dc0b6e31289fef29c0711a1c54fe8acd0abd3772268bb7b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 23:01:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
bounce
ib.adnxs.com/ Frame BEBD
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
an-x-request-uuid
f150cdaa-7e39-42e2-898c-821f9928b151
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
an-x-request-uuid
5e9eb3de-a3e1-4de5-848f-73a4413c7f4a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 3951 		33 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame A829 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86034
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://taboola-d.openx.net/v/1.0/av?auid=541033705&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://taboola-d.openx.net/v/1.0/av?auid=543846819&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY3NTZhNjMtZjE3ZC0yNzkzLWY3MDQtZGVkZDVhMjllYjNl
0
0
tap.php
pixel.rubiconproject.com/ Frame CD6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nOOZmSmw156ln0CWXX2haw?csrc=&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xi.0LyNE2oKz4JlIG7xodXzp_Ye9XmQdA8MoDg--~A
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xi.0LyNE2oKz4JlIG7xodXzp_Ye9XmQdA8MoDg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xi.0LyNE2oKz4JlIG7xodXzp_Ye9XmQdA8MoDg--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CD6D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ejYnBpc6ShuRS_XZ91481Q&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ejYnBpc6ShuRS_XZ91481Q&gdpr=0
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ejYnBpc6ShuRS_XZ91481Q&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCZNHPTGSY6WXBHWPEN6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ejYnBpc6ShuRS_XZ91481Q&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CD6D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0m0BO_M0T8mBUS8JQzCTCQ&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0m0BO_M0T8mBUS8JQzCTCQ&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0m0BO_M0T8mBUS8JQzCTCQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PHEZHRFCZGS95QG73XD7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0m0BO_M0T8mBUS8JQzCTCQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame CD6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE83U0daRzMtOS1KQ0o4&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEF94GQyPIMBoiOx41ZlFOew&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=&gdpr=0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE83U0daRzMtOS1KQ0o4&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
setuid
px.ads.linkedin.com/ Frame CD6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 5FFD806C77C145AC831CB5184AEE7538 Ref B: FRAEDGE1720 Ref C: 2023-10-26T23:01:53Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-source-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYIpo7OR5O+4w0YCBEanQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CD6D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEh2Q4jc-nAf08PUnhHW5tU&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEh2Q4jc-nAf08PUnhHW5tU&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEEh2Q4jc-nAf08PUnhHW5tU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame CD6D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame CD6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM0ODUxNTBkYTk5Mjc1YjQyZTNmNjVkOGYzMzQ2NjdiNmYzZGY4NA&gdpr=0&us_privacy=1---
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM0ODUxNTBkYTk5Mjc1YjQyZTNmNjVkOGYzMzQ2NjdiNmYzZGY4NA&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzM0ODUxNTBkYTk5Mjc1YjQyZTNmNjVkOGYzMzQ2NjdiNmYzZGY4NA&gdpr=0&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CD6D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&gdpr=0&us_privacy=1---&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEXck7KdeAAABlVXBZoxQ&expires=30&gdpr=0
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEXck7KdeAAABlVXBZoxQ&expires=30&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEXck7KdeAAABlVXBZoxQ&expires=30&gdpr=0
Date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame CD6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LO7SGZG3-9-JCJ8&redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LO7SGZG3-9-JCJ8&gdpr=0&redir=true&us_privacy=1---
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oWDZqVkg1RTJ1R1FlYnd2RnlXb2VWZmEzNHJ1MG5sbH5B&gdpr=0&ovsid=LO7SGZG3-9-JCJ8&dpid=58160&us_privacy=1---
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oWDZqVkg1RTJ1R1FlYnd2RnlXb2VWZmEzNHJ1MG5sbH5B&gdpr=0&ovsid=LO7SGZG3-9-JCJ8&dpid=58160&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
2.16.2.120 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-2-120.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 26 Oct 2023 23:01:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:01:53 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1oWDZqVkg1RTJ1R1FlYnd2RnlXb2VWZmEzNHJ1MG5sbH5B&gdpr=0&ovsid=LO7SGZG3-9-JCJ8&dpid=58160&us_privacy=1---
date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
check
pixel.tapad.com/idsync/ex/receive/ Frame CD6D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
magnite
prebid.a-mo.net/setuid/ Frame CD6D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
tap.php
pixel.rubiconproject.com/ Frame CD6D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=134a2bf7-adc7-4400-bfcd-dfca7b0d7358&expires=30&gdpr=0&us_privacy=1---
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=134a2bf7-adc7-4400-bfcd-dfca7b0d7358&expires=30&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=134a2bf7-adc7-4400-bfcd-dfca7b0d7358&expires=30&gdpr=0&us_privacy=1---
Date
Thu, 26 Oct 2023 23:01:53 GMT
Connection
keep-alive
X-CI-RTID
46af2626-cde1-4b1f-b8c6-dbc1b3f86e72
Content-Length
175
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame CD6D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
3.66.9.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-9-9.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
setuid
ib.adnxs.com/prebid/ Frame CD6D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&gdpr=0&us_privacy=1---
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
an-x-request-uuid
e2e9205d-60cd-4267-a6a9-d65baadcf8eb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
liveCS.php
live.primis.tech/live/ Frame CD6D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&us_privacy=1---
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol
H2
Server
13.32.99.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-20.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
content-encoding
gzip
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P3
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
gFg3HeTtSGXcH3ymwaLeqxH9gUPAk2gxjfWWtpGIx1CMQJbNliV-bA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
capi.connatix.com/us/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&gdpr=0&us_privacy=1---
  • https://capi.connatix.com/us/pixel?puid=LO7SGZG3-9-JCJ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LO7SGZG3-9-JCJ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://capi.connatix.com/us/pixel?puid=LO7SGZG3-9-JCJ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
merge
ce.lijit.com/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
  • https://ce.lijit.com/merge?pid=80&3pid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---&dnr=1
43 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.16 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8E13
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=PfTkobOpUsdAKgpG7b0UT7Bz7eA
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=PfTkobOpUsdAKgpG7b0UT7Bz7eA
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=PfTkobOpUsdAKgpG7b0UT7Bz7eA
Date
Thu, 26 Oct 2023 23:01:53 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame 8E13
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4fa71b52-33b7-4167-8b81-0ed2ef729168
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4fa71b52-33b7-4167-8b81-0ed2ef729168
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track003-iad
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:52 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=4fa71b52-33b7-4167-8b81-0ed2ef729168
cache-control
private,no-cache
content-length
223
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag&gdpr=0&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Protocol
H2
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 8E13
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164&gdpr=0&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1164&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1337544187735000128
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1337544187735000128
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=1337544187735000128
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 8E13
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&us_privacy=1---
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:52 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=772374af-2e17-43d0-a662-08316d0352b8&gdpr=0&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
651413
content-length
0
expires
Thu, 26 Oct 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8E13
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6&gdpr=0&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7849898008418585844&expires=60&gdpr=0&gdpr_consent=
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7849898008418585844&expires=60&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7849898008418585844&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
getuidnb
secure.adnxs.com/ Frame 8E13 		43 B
576 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
an-x-request-uuid
d6b6e281-3f9c-461b-8aae-3df87d844fe4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8E13
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon?gdpr=0&us_privacy=1---
  • https://sync.1rx.io/usersync2/rubicon?zcc=1&cb=1698361313229&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-42a6c70d-6466-45...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003&expires=30&us_privacy=1---
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003&expires=30&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003&expires=30&us_privacy=1---
date
Thu, 26 Oct 2023 23:01:53 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX42a6c70d6466452597144f1b30e87069003
content-type
text/html
709414.gif
id.rlcdn.com/ Frame 8E13 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain&gdpr=0&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LO7SGZG3-9-JCJ8&obUid=&initiator=&gdpr=0&us_privacy=1---
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LO7SGZG3-9-JCJ8&obUid=&initiator=&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:53 GMT
Cache-Control
no-cache
X-TraceId
981f509c049f1a975f49ea19aa014794
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LO7SGZG3-9-JCJ8&obUid=&initiator=&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
cs
cs.yellowblue.io/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rise_engage&gdpr=0&us_privacy=1---
  • https://cs.yellowblue.io/cs?aid=11590&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Protocol
H2
Server
54.77.100.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-100-160.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media&gdpr=0&us_privacy=1---
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Protocol
H2
Server
52.49.194.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-194-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
/
ssc-cms.33across.com/ps/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=33across&gdpr=0&us_privacy=1---
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc-cms.33across.com/ps/?xi=1&xu=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Protocol
H2
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP007 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-33x-status
2000208
date
Thu, 26 Oct 2023 23:01:52 GMT
server
33XP007

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssc-cms.33across.com/ps/?xi=1&xu=LO7SGZG3-9-JCJ8&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
sync.targeting.unrulymedia.com/csync/ Frame 8E13
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&gdpr=0&us_privacy=1---
  • https://sync.1rx.io/usersync/rubicon/LO7SGZG3-9-JCJ8?gdpr=0&us_privacy=1---
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
ca
tt-12842-2.seg.t.tailtarget.com/ 		86 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-12842-2.seg.t.tailtarget.com/ca?tZ=351461047&env=_ttq_ttGlobo
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
03a6abf7971ff5a994b62a398c9c7b20ac4a4d7e64480af337b1386deabe3fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 26 Oct 2023 23:01:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
194624
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
374 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
205614
expires
0
usync.html
eus.rubiconproject.com/ Frame ECF5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:53 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 48D4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
47148
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 26 Oct 2023 23:01:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
175, 313168
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230053-FRA
X-Timer
S1698361313.146692,VS0,VE0
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.968279661277614
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DkXOrvrsULc21U_-NHeQ1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-DkXOrvrsULc21U_-NHeQ1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.7410587023739936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-873-XDoBfwI4EThu7f9ctA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-873-XDoBfwI4EThu7f9ctA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
api.voxus.tv/verify/ 		24 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.voxus.tv/verify/?adv_id=2057&ck_id=16983613128680.5250230095356077vax0wygdfti&ipa=true
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.89.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-89-160.compute-1.amazonaws.com
Software
Apache /
Resource Hash
91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 26 Oct 2023 23:01:54 GMT
Server
Apache
Connection
keep-alive
Content-Length
24
Content-Type
text/html
state
api.permutive.com/v1.0/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:53 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
996.json
id5-sync.com/g/v2/ Frame 3951 		276 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
df798667e48b7de8375bad4056d96aa02a0290b8ec4fa99ecea0837f28988603
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame ECF5 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86034
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
khaos.json
token.rubiconproject.com/ Frame A829 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&us_privacy=1---&khaos=LO7SGZG3-9-JCJ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t4dQjPs3zIjsKJzDWc4aLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t4dQjPs3zIjsKJzDWc4aLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 48D4 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
an-x-request-uuid
0daec94e-00e7-4a30-9638-48823758690f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
mbox
vidanalytics.taboola.com/putes/ 		2 B
151 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/mbox
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

x-cache-hits
0
date
Thu, 26 Oct 2023 23:01:53 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server
nginx
x-timer
S1698361314.551025,VS0,VE63
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230108-FRA
av
taboola-d.openx.net/v/1.0/
Redirect Chain
  • https://taboola-d.openx.net/v/1.0/av?auid=541033705&gdpr=0&us_privacy=1---
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033705&gdpr=0&us_privacy=1---
48 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033705&gdpr=0&us_privacy=1---
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 26 Oct 2023 23:01:53 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033705&gdpr=0&us_privacy=1---
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
av
taboola-d.openx.net/v/1.0/
Redirect Chain
  • https://taboola-d.openx.net/v/1.0/av?auid=543846819&gdpr=0&us_privacy=1---
  • https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846819&gdpr=0&us_privacy=1---
48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846819&gdpr=0&us_privacy=1---
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 26 Oct 2023 23:01:53 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=543846819&gdpr=0&us_privacy=1---
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SL5WEXQ2G6&gtm=45je3ap0v878491685z86920778&_p=406410932&gcd=11l1l1l1l1&cid=233865381.1698361305&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1698361308&sct=1&seg=0&dl=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&dt=Cidade%20da%20Pol%C3%ADcia%20Civil%20foi%20o%20palco%20da%20negociata%20para%20o%20tr%C3%A1fico%20de%2016%20toneladas%20de%20maconha%2C%20diz%20PF&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-SL5WEXQ2G6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		362 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
85ec4da72379eabdb0c0c2d0601477301028ab91b44a322d0cad1973546bae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127081
x-xss-protection
0
expires
Thu, 26 Oct 2023 23:01:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9501
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 23:01:53 GMT
expires
Thu, 26 Oct 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
715796
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame CB38 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=68405C29-7985-4838-B54E-3168FA288486&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 26 Oct 2023 23:01:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8DHKRVSG3E118WSPVXM4
Pug
image2.pubmatic.com/AdServer/ Frame AB23
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar
42 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 26 Oct 2023 23:01:54 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 6558
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270783453165889608&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270783453165889608&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
24ff3514-d2d1-41ff-9bb1-2c8626f02607
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 23:01:54 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5270783453165889608&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 498F
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294406278956382351&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294406278956382351&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 26 Oct 2023 23:01:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7294406278956382351&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame 81A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=pubmatic&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=pubmatic&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.245.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-245-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 26 Oct 2023 23:01:54 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 26 Oct 2023 23:01:54 GMT
Location
https://x.bidswitch.net/sync?dsp_id=4&user_id=7b9e1ac4-2084-46cf-8b96-eb45588ccf5a&ssp=pubmatic&expires=30&user_group=5&bsw_param=bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
Pug
simage2.pubmatic.com/AdServer/ Frame BB49
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PfTkobOpUsdAKgpG7b0UT7Bz7eA&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PfTkobOpUsdAKgpG7b0UT7Bz7eA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 26 Oct 2023 23:01:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=PfTkobOpUsdAKgpG7b0UT7Bz7eA&gdpr=0&gdpr_consent=
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3D9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aEBcKXmFSDi1TjFo-iiEhg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
2.23.8.228 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-8-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143910
accept-ranges
bytes
content-length
5606
expires
Sat, 28 Oct 2023 15:00:24 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 3D9B 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.201
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame 3D9B
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=664307197
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=664307197
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
via
1.1 google
last-modified
Thu, 26 Oct 2023 23:01:54 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
via
1.1 google
last-modified
Thu, 26 Oct 2023 23:01:54 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=664307197
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 3D9B
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=68405C29-7985-4838-B54E-3168FA288486
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aWdoeGRpZ1MtOHBTVU81cEJPcUpEalFndw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=1337544187735000128&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Server
52.3.75.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-75-156.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:54 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 26 Oct 2023 23:01:54 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Njg0MDVDMjktNzk4NS00ODM4LUI1NEUtMzE2OEZBMjg4NDg2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoNORSBYYvZTsTH_823RAU&google_cver=1
42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoNORSBYYvZTsTH_823RAU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHoNORSBYYvZTsTH_823RAU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 3D9B 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.158.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 25 Oct 2023 23:01:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1337544187735000128
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1337544187735000128
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1337544187735000128
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 3D9B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=68405C29-7985-4838-B54E-3168FA288486&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TJ7_EztE2uVYk_Ixc70E9VCqrB4gJEw-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TJ7_EztE2uVYk_Ixc70E9VCqrB4gJEw-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-TJ7_EztE2uVYk_Ixc70E9VCqrB4gJEw-~A&gdpr=0
date
Thu, 26 Oct 2023 23:01:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
68405C29-7985-4838-B54E-3168FA288486
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3D9B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/68405C29-7985-4838-B54E-3168FA288486?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.209.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-209-83.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3D9B 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:53 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
19071
dmp.t.tailtarget.com/seg/tailtarget/TT-12842-2/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.t.tailtarget.com/seg/tailtarget/TT-12842-2/19071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-12842-2&tE=0&tF=&tI=__north%20rhine-westphalia_de_1698361311979_2960387552&tJ=CA19071&tQ=ig-oglobo&tU=0100007FDFEF3A65A306819002A50615&tX=b.52&tY=1&tZ=424019672
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
async_usersync
ib.adnxs.com/ Frame BEBD 		0
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
an-x-request-uuid
de7ee26e-a74a-464d-b8a0-144000d0ab50
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 8AC7 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2gNilA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
api.ipify.org/ 		32 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=jsonp&callback=getIP
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS
api.ipify.org
Software
nginx/1.25.1 /
Resource Hash
d7edaf12469d1c0b2b65250f92f97d41ff9cb20e016ace6349e87bcd288ab0ec

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 26 Oct 2023 23:01:54 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
32
Vary
Origin
Content-Type
application/javascript
seg
secure.adnxs.com/ 		43 B
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=31018360&t=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
an-x-request-uuid
90800f85-d37e-41b7-bd19-b00f13dca956
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
__activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/48c8b322-6e65-4d94-8dfc-cdcc42507cb4/ 		35 B
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://query.petametrics.com/v3/2v84n8g15c1895dv/48c8b322-6e65-4d94-8dfc-cdcc42507cb4/__activity.gif?e=stuck_10s&ct=Cidade+da+Pol%C3%ADcia+Civil+foi+o+palco+da+negociata+para+o+tr%C3%A1fico+de+16+toneladas+de+maconha%2C+diz+PF&ccu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&tspl=12521&blst=2355&ist=2489&iet=2493&bdst=2355&bdet=2482&bcttt=7&ts=1698361314202&jsk=2v84n8g15c1895dv&jsv=20230912&cu=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&uid=48c8b322-6e65-4d94-8dfc-cdcc42507cb4&sid=671c2b1a-07a3-4b3e-f204-d43e3814b47e&pvid=58c764b5-6d60-4067-9124-59649ce28730&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F118.0.5993.117+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.6&saveData=false&ctyp=unknown&tzo=-120&sdk=bc-pixel
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.14.190.35.bc.googleusercontent.com
Software
openresty/1.13.6.2 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:54 GMT
via
1.1 google
server
openresty/1.13.6.2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
content-type
image/gif
600-
fundingchoicesmessages.google.com/f/AGSKWxXDL6OHTBd8ac_7Wx6RC2_066FuGcMxRGC8N2-XA0Uat9STsLrS3hEUnPFdRWQVVMT7GhY95I4YPp92vjXWbOqPG7KzO6z7mJgcy-vMI3zYK0gVVOIRS6XGXPGvBqZoO1Lms9Fo0yD035USAk7fI4hh5-_jK... 		54 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXDL6OHTBd8ac_7Wx6RC2_066FuGcMxRGC8N2-XA0Uat9STsLrS3hEUnPFdRWQVVMT7GhY95I4YPp92vjXWbOqPG7KzO6z7mJgcy-vMI3zYK0gVVOIRS6XGXPGvBqZoO1Lms9Fo0yD035USAk7fI4hh5-_jKp3-fsQ_yGQYikxpAIOzPYqZt4Apq3sL/_/ssc_ad.-strip-ads-/download-ad./getmarketplaceads./ad/600-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.E32zFFxhyeA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwbKo4bH_Gg15kiBi5gvL8IqgeT8w/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
97925588a1439b864c607f5feca22339c6c6d5cd282a3443e6ef8d68e67e797e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JK9tV3ZUJbP1T18dQMgkng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-JK9tV3ZUJbP1T18dQMgkng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.E32zFFxhyeA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwbKo4bH_Gg15kiBi5gvL8IqgeT8w/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 22:25:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
2210
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51
x-xss-protection
0
server
cafe
etag
16023549773543154165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 26 Oct 2023 23:25:04 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tdFIiO33r7khNrHIeAGzzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-tdFIiO33r7khNrHIeAGzzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g_awB6znf1eLgBtaqB5H7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-g_awB6znf1eLgBtaqB5H7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 48D4 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:54 GMT
an-x-request-uuid
c61a9f14-d256-41a3-9fe2-3c034ae8530b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-osiU0m-53lbdPdKOveaKqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-osiU0m-53lbdPdKOveaKqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rB_bb-HLTHRvg85M9-xUkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rB_bb-HLTHRvg85M9-xUkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVfdkq1i4uQs3nmWchA3PdL5BCT5ErqZ9kokdwK8lq5CMmiqvT5KgSLa2Ofd4Uwpu_f3BrX0fsPk0K3mjz-IXmtn4PLCWmmN6gIKt-3cVlz8WFWn74oez1oGM96ZdHzXOvDfE44JQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVfdkq1i4uQs3nmWchA3PdL5BCT5ErqZ9kokdwK8lq5CMmiqvT5KgSLa2Ofd4Uwpu_f3BrX0fsPk0K3mjz-IXmtn4PLCWmmN6gIKt-3cVlz8WFWn74oez1oGM96ZdHzXOvDfE44JQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk4MzYxMzE0LDU4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vb2dsb2JvLmdsb2JvLmNvbS9yaW8vbm90aWNpYS8yMDIzLzEwLzE5L3BmLWUtZ2FlY28tZmF6ZW0tb3BlcmFjYW8tY29udHJhLWFnZW50ZXMtZGEtcG9saWNpYS1jaXZpbC1lLWFkdm9nYWRvLmdodG1sIixudWxsLFtbOCwiRTMyekZGeGh5ZUEiXSxbOSwiZGUiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.E32zFFxhyeA.es5.O/am=CAM/d=1/rs=AJlcJMyK37tjtH9rl9Il12_6Ck82ia3Akw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
cb1c2ddad0f9faebfa39f95ada9948064dcdf5377675c66f3021cbebee94f70a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wj-6gXR4UPbs8JqwW6qc9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-wj-6gXR4UPbs8JqwW6qc9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=2341082111872422&bg=!o6CloO_NAAbo5yKYyOc7ADQBe5WfOHzEic5fIagkDWI-BFxyJDwjV7o3T6NF9AbysBdqeX_SEIRuTAuZeeQiPkwBxtxJAgAABfhSAAAAG2gBB5kCtJHTM4szA5gpL_x_Oy2W7iEav53PGRyXc_80UW9lHAfKZXtxPVebH9XQiaBXhGdHL--Emf4nwGh50aQZ9F8XkC1iIaT4OKpm5JVuf0R7Wkooe2S5a-5ivg051BzAL0ZR9zTwGYr-UNPsL_1-nAcmZqErspROOA_Msb8zltfVaAKOBw7mXqJBfbDG7sMf7jFoT-Ei8R55N9-hsWri_uaJEUQs91sUDbB_EA9_4To4DwUDoEIhijWD7ik7oCkZC1uWuCYYbXyNdX-WchhorUu8aSPn7IUW_92asR5OpngwO0Rf4hDLvzm7T9rxBq23s_Wn86a0-gjErYsCpEJ5Orv5UoZvSQWIKdT_uaPwMU5sKEPZ0n_S6EmhBezUKQxEm44d-M_g9CUgYQ441CiQLAYLe5gMhgxTbU1Lnn9vK0Nm74apw86lg_p0R-UkScdnNCFcwwPajqaMzbeUmKw0seDdTeio8wcXxrk-O9N8ktHlO3Tb05k56BPTO2tvC1u2lpDc3B0wgDykNokoA25Iw-PsObFodZu_dE5ofJyV6d0EbETZnjXnvveimXPAdC0mMIyPEMkoG_yVjzUGLad2ob7z09V6K07UsyYrxm-vKCyF-HsAPGEjwu47tWlmMuCrkyLBebvXHm4pI7G7M8w2hMYXu9LKH9_Kl3gii49L15tnwtfTByO9BagjzUd_biPqONelj2kYs5qK-7-Ax2F0qtS4MecL92ImSi5N3i9tBia4SnJJmYOJw4ZHVl2Z48ddSSsjnv-fLEc4C_IE8JSzjOCWBNmet_yzC6USESIIfaiWmPqXpPq8brYQ0LLyaNjk9_J52ucjyvMsvBB7dBIVVfe9BXppD9_Im1zcYhgZHnifszg_TOIQ1a_C7px1rd8D_CIISx2qbcI_O-CtsdjHGik4c_jaPsfL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://oglobo.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xGN5sClyYFXNKQ_EYDBaFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-xGN5sClyYFXNKQ_EYDBaFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW4RtM6uRfcshU484bsgpd2L3sJr2CovwoM51Qt_SwfUNXI3r_iborqlOsKm_GHgth2sy8_3J6XhALKleV438ykUO3KKP8oID-erKvI7dA9FJURRNiKNxnPqHL9KfQUno83MdvK3w==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mclHwqrkcPMzf-BffpzMkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-mclHwqrkcPMzf-BffpzMkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://oglobo.globo.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU_UiZK1XSj-DPyAjhu9OHEN1TtQ52DJXcZTjg3lbbwUpBYmKpVv5-nw2dWj-F6nPlTeLfU6JStKHLH6XDwZ9_3TMVNvOk9kIeYgtVi6TePLx_7WIYPeCm7F2PIpLJuPmljunRZNw==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU_UiZK1XSj-DPyAjhu9OHEN1TtQ52DJXcZTjg3lbbwUpBYmKpVv5-nw2dWj-F6nPlTeLfU6JStKHLH6XDwZ9_3TMVNvOk9kIeYgtVi6TePLx_7WIYPeCm7F2PIpLJuPmljunRZNw==
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oeT4EBhD0RYvB3ohO2w2gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-oeT4EBhD0RYvB3ohO2w2gQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3D9B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157163&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 3D9B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32319404&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e37b2dfa8ba82e65e3d89e8932c4cc8e23e74d6117fda92d712ca841f49c9b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 23:01:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame AAA7 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 26 Oct 2023 23:01:56 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 6CE5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTrv5AAawKyvHwA_
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 26 Oct 2023 23:01:57 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230134-FRA
x-timer
S1698361318.887665,VS0,VE99

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Thu, 26 Oct 2023 23:01:56 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZTrv5AAawKyvHwA_
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230134-FRA
x-timer
S1698361316.087762,VS0,VE100
Pug
image2.pubmatic.com/AdServer/ Frame D00F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWGNrN0tkZUFBQUJsVlhCWm94UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEXck7KdeAAABlVXBZoxQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3986165594677749192&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAEXck7KdeAAABlVXBZoxQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D3986165594677749192%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=3986165594677749192&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEXck7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXck7KdeAAABlVXBZoxQ&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXck7KdeAAABlVXBZoxQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 26 Oct 2023 23:01:57 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXck7KdeAAABlVXBZoxQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
/
csync.loopme.me/ Frame A41D 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame B8F3
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa36e177cac3a483893a1adb5f5360365
42 B
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa36e177cac3a483893a1adb5f5360365
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 23:01:57 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa36e177cac3a483893a1adb5f5360365
pragma
no-cache
server
nginx
bridge
cm.adgrx.com/ Frame 6CC5 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Thu, 26 Oct 2023 23:01:57 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
cm
ipac.ctnsnet.com/int/ Frame 2C47 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 26 Oct 2023 23:01:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 8164
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4207548800602511053
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4207548800602511053
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4207548800602511053
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 763C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527108280432
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527108280432
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Thu, 26 Oct 2023 23:01:57 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527108280432
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 1A9B 		43 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 26 Oct 2023 23:01:57 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-110df23b9285@version_1.574
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 7C66
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e01d66f7ee883c26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznabQUUMTnnSSYjXU&gdpr=0&gdpr_consent=
42 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznabQUUMTnnSSYjXU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=kODCF8PznabQUUMTnnSSYjXU&gdpr=0&gdpr_consent=
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 55E4 		0
0
i.match
s.tribalfusion.com/z/ Frame C831
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81c652fd7c251bcf-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
81c652fc5b641bcf-FRA
content-type
text/html
date
Thu, 26 Oct 2023 23:01:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
10
mw
mwzeom.zeotap.com/ Frame 3D9B 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=68405C29-7985-4838-B54E-3168FA288486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
81c652fc4efa1e5b-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 3D9B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=68405C29-7985-4838-B54E-3168FA288486&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=68405C29-7985-4838-B54E-3168FA288486&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=68405C29-7985-4838-B54E-3168FA288486&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:02:09 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:02:09 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=68405C29-7985-4838-B54E-3168FA288486&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3D9B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:57 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7849898008418585844&gdpr=0&gdpr_consent=&us_privacy=
1 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7849898008418585844&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 22:03:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7849898008418585844&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=10f0f8c0fed5162d&is_secure=true&networkId=17100&version=1&nuid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI1xq_ayFC6wMAXrqbAAAAAAA&expiration=1698447717&nuid=68405C29-7985-4838-B54E-3168FA288486&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI1xq_ayFC6wMAXrqbAAAAAAA&expiration=1698447717&nuid=68405C29-7985-4838-B54E-3168FA288486&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 22:03:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI1xq_ayFC6wMAXrqbAAAAAAA&expiration=1698447717&nuid=68405C29-7985-4838-B54E-3168FA288486&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D9B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c14c7f45-eec2-49e1-b101-c45f73d28376&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c14c7f45-eec2-49e1-b101-c45f73d28376&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c14c7f45-eec2-49e1-b101-c45f73d28376&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 26 Oct 2023 23:01:57 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
OpportunityServlet
ch-vid-events.taboola.com/ 		1 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ch-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/142387_208/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:57 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
all
csm.eu.criteo.net/ Frame 4093 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=BFz2l2kOJQGZiDnkHC6Ru_rsJMIR6iYTbUKxLFFaqIyTqUsoNS6Htk9-5lCvQRio7IOGWGXlH1H-o41qHySpyUtfAN3_3DvUyYE8MeDAQCGuKLjZ9bC-T6of2lpbKYxkA7jLpl48djTU4iuqTMWVFxVzMFLonVAo7dySRC0UoGH4L5DaSMCQzZjRyA37QYIzPC-9uH5QOTWPSACcDaQGyRVRmGSGDQrl2_F0LeEgUJSqlVpQlN3Q1e5cvZ6LdHY4kLqHqw&sds=2&rev=89054&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTrv2wANrv8Iu_S1AAUc6tw0SZUtLE58Ibr7kg&u=%7CcPdNlPfxj8kk1vKwEGwpUkC4k82U7TA852VU3oBG4cQ%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WorlxbH5PHq5yqN4ZfUFzi7DSY4wae9_VGh6uW4BYaa5FFUcX1DiQgXz489gF2oeA_LG5_34nsRb-eCmAvdbHrRQTUumeNcBI5nq3EMMwo8F-rGkm-47dyrMGXoUPT6qDkjGZ-uPfuy1EZpyHTVU-70caknN-OXnXOPUkk-YB80w50mP35Dtzu0kxm7PySrpLGLstAsjZlvtuuJK4ut8k7iHt1MJfVYeRoIct7LdnSiFsFC3P1R-k0O1JY3r_cqPfg9R0Pnhw3abY7HXv4M5Ga4NUVjMtY0FfKTVshcz3Zh7l8NQEIYaY8-zfEbipI1c_oEzhm1xjMpwtL_b1lmFSP4ycC7uyEVe9XiocgfUCd6mO0QTd0TzzI9LXpQBN_YhtqJg5zl4MPmvvBHCa64DTD-jeQG290JV3vMvWOXBH5pBWvVO96fQvahBtNxFXCv0lYSSHi2MAMGmKFo27DJREu0WFGD8yOMfL_7KdsCyoO06GRQwKQlAHo4oGEnhNP0Lz2_UXinye8LWiUtJN6dTgVOUAzHm3QuY8LOHdai1y9RH-oqEka-3rEQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBiPG2-86Zf_dNrXp7_UP6rmUmAzJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItODgyODU4NzE0OTQ3MzQzN8gBCakCFzX670WzsT7gAgCoAwHIAwKqBIkDT9BDeKGrcnP8p40ii2rzzrNlUqUNAsi89SVWbSz1wtGiRD0Uo-QJ7m-M_dvjVArQ1VBG0IXSqaZe33CFSeuSRKm6iaTc5qR52CAYopirwStXsfcZNVjiZAjXuUi66LoEBo0qB-YGZykzsiHLx8ECt9dgtSL-J6IzT5j5ONnEROgtVhazj6shHDEikKET1u0ss5TRg0EEHXitZvWewIRfUQNUAzxTc5_N9kUozdL5T9foajrpfNhTwnRIwRtViJteVe2Yh65Xp5-JMHr4oUIL_weRY5VKI_oaVmrc1gCQgH5NeQO7YOHTLZTYwjPsLxo_6QN2n2XU7MrRV5x4hOVa2SQQQ7Awyok60iBOfXhxFjV-PozFIrTGuKkOLJXsNIJ19yZW_qFTqbC30UhpRgOcM8DDLn3uPalzDZG1yFCLyngQFqHfMMx76wnjsEKBiA91Ekx4G0VaCADjEZq8JyIoNVca2B71nyicEoGyj0LxZCfDQ_JYznkEZHVkyG1DM9jkm1ePx02NQdYy4AQBgAbJs6nFhPOiylmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_347esvcKJjZNTD9RDy3C1EoMaNwA%26client%3Dca-pub-8828587149473437%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.25 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 26 Oct 2023 23:01:57 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 3D9B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157163&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
oglobo
horizon-track.globo.com/event/ 		0
364 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/oglobo
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRH89wE68DbRGlngQ

Response headers

date
Thu, 26 Oct 2023 23:01:58 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://oglobo.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://oglobo.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 26 Oct 2023 23:01:58 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
162775
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ Frame DF86 		49 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEuvAAG&gdpr=0&src=pbjs&ver=6.29.3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ Frame DF86 		2 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Foglobo.globo.com%2F&domain=oglobo.globo.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
213539
expires
0
996.json
id5-sync.com/g/v2/ Frame DF86 		276 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
4eabcb8348f44fc589c7f67966245f6c4bcb3315d60f42e4522435c99b8aa4ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://oglobo.globo.com
date
Thu, 26 Oct 2023 23:01:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame DF86 		43 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-43-143.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://oglobo.globo.com
cache-control
no-cache
x-server
10.45.29.181
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame DF86 		63 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
39bdc26c4359e605686a0329643a8dd1c4708bb532d3ff406c3e1f3e73eaf75b

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 25 Nov 2023 23:01:59 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E502 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.23.8.228 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-8-228.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=143905
content-encoding
gzip
content-length
5606
content-type
text/html
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
Sat, 28 Oct 2023 15:00:24 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame F383 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.65 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63445
content-encoding
gzip
content-type
text/html
date
Thu, 26 Oct 2023 05:24:35 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-id
kNp9kqbOCxyVcQ08izDbYuH4wvKujPzY_YguM7hrC5Hc-WgqNPH7yQ==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame DFD1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:59 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7B06 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
47154
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 26 Oct 2023 23:01:59 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 19 Oct 2023 09:55:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
175, 312392
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230113-FRA
X-Timer
S1698361319.245049,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame BEB0 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1066
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81c653055fa69180-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
Fri, 27 Oct 2023 03:01:59 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 88AD 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
58e214d293aaf47d992ebc2fc5dc0cae04e7ede7e0e5af4579c69b26557bf55b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://oglobo.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12091
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
Sat, 28 Oct 2023 23:01:59 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.js
eus.rubiconproject.com/ Frame DFD1 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86028
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E502 		812 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62793713&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
515239d8289639896f52c3be97bd5fd1c8c1694745f7c2bce5014933ef0b28b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 26 Oct 2023 23:01:58 GMT
content-length
812
content-type
text/html; charset=UTF-8
async_usersync
ib.adnxs.com/ Frame 7B06 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
an-x-request-uuid
9fd7ff3d-64ed-4895-9bb9-56934baadb71
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 84CD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
829 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b403d49ae0d5aeefe18e920c1c1ddb2d6af76c41d9e5121dc73965626a2ce0fd

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81c65305fd0b1db3-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1QITsFMPnIeiVtvIiCz7qQbgO4gXW5cCiqE2r%2F50g9Ct0IGQQXEYNUUHzmBd6dLSNHHxYjYRH0jK8MpRcTUxMQn8TYsqy2wsTPDdT1N0cOBR7qL0TVPSUs8sxMZxw6WiRR1%2BDaSthgglw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81c65305cce31db3-FRA
content-length
0
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hd9QSTz%2FaCLT2J0ZF2oAQdIBbSTXcilUwWp6CgLVhwW7p%2BgfQVizzPEbsV1myFaFKCSNcTJKlGVrEy8WpCW%2F6hUeC0ouPkR4OzQLm9wq%2BwSlfXquMEgAUCt6AOIyV5H28hRTC3l%2BAHmLWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pubmatic
ad.mrtnsvr.com/sync/ Frame 2E91 		0
0
pub
matching.truffle.bid/sync/ Frame 2251 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 -, , ASN (),
Reverse DNS
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 26 Oct 2023 23:01:59 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 1F74
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:724B2D43DB354FDEB412D05B410B47C9&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:724B2D43DB354FDEB412D05B410B47C9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 26 Oct 2023 23:01:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
Wed, 25 Oct 2023 23:01:59 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:724B2D43DB354FDEB412D05B410B47C9&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
cksync.php
contextual.media.net/ Frame 1D7A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=8175178579
  • https://sync.1rx.io/usersync/turn/7849898008418585844?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
52 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
52
content-type
image/gif
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
Thu, 26 Oct 2023 23:01:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E

Redirect headers

content-type
text/html
date
Thu, 26 Oct 2023 23:01:59 GMT
etag
RX42a6c70d6466452597144f1b30e87069003
location
https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Pug
simage2.pubmatic.com/AdServer/ Frame E502
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5270783453165889608
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5270783453165889608
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 26 Oct 2023 23:01:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
an-x-request-uuid
e072de78-10cd-4afa-9a31-1dc56e0e8a85
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5270783453165889608
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pubcid.php
hbx.media.net/ Frame 88AD 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:31:59 GMT
sync
gum.criteo.com/ Frame 88AD 		60 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
603559
expires
60
cksync.html
contextual.media.net/ Frame 256F
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Drkt%26refUrl%3D%26vid%3D836131934534136291987552700...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3413629198755270000V10&type=rkt&refUrl=&vid=83613193453413629198755270000V10&ovsid=5144588527108280432
226 B
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3413629198755270000V10&type=rkt&refUrl=&vid=83613193453413629198755270000V10&ovsid=5144588527108280432
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
47b142dad425dd3e330d84bfdfced3a4828c4f104792b49e158015a293b5ace9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
226
content-type
text/html;charset=UTF-8
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
Thu, 26 Oct 2023 23:01:59 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Thu, 26 Oct 2023 23:01:59 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3413629198755270000V10&type=rkt&refUrl=&vid=83613193453413629198755270000V10&ovsid=5144588527108280432
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
log
c21lg-d.media.net/ Frame 88AD 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3413629198755270000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:59 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 26 Oct 2023 23:01:59 GMT
cksync.php
contextual.media.net/ Frame 88AD
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7a25f0e69dd1819&is_secure=true&version=1&networkId=57734&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=con&refUrl=&vid=83613193453413629198755270000V10&ovsid=AAAIaa5PmAxk0QMZYkjPAAAAAAA&expiration=1698447719&is_secure=true...
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=con&refUrl=&vid=83613193453413629198755270000V10&ovsid=AAAIaa5PmAxk0QMZYkjPAAAAAAA&expiration=1698447719&is_secure=true&gdpr_consent=&gdpr=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:01:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=con&refUrl=&vid=83613193453413629198755270000V10&ovsid=AAAIaa5PmAxk0QMZYkjPAAAAAAA&expiration=1698447719&is_secure=true&gdpr_consent=&gdpr=1
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 88AD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dr1%26refUrl%3D%26vid%3D83613193453413629198...
  • https://ad.turn.com/r/cs?pid=45&rndcb=4018275104
  • https://sync.1rx.io/usersync/turn/7849898008418585844?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-42a6c70d-6466-4525-9714-4f1b30e87069-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3413629198755270000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:01:59 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3413629198755270000V10&type=r1&refUrl=&vid=83613193453413629198755270000V10&ovsid=RX-42a6c70d-6466-4525-9714-4f1b30e87069-003
date
Thu, 26 Oct 2023 23:01:59 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX42a6c70d6466452597144f1b30e87069003
content-type
text/html
cksync
cs.media.net/ Frame 88AD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQxMzYyOTE5ODc1NTI3MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDcSGqGrZkiVLesf0BnpjQo&google_cver=1
52 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDcSGqGrZkiVLesf0BnpjQo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
2.23.8.24 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:59 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
52
x-mnet-hl2
E
Expires
Thu, 26 Oct 2023 23:01:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEDcSGqGrZkiVLesf0BnpjQo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 88AD 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:58 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
463449
expires
Thu, 26 Oct 2023 00:00:00 GMT
sync
x.bidswitch.net/ Frame 88AD 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.245.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-245-130.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 88AD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:01:59 GMT

Redirect headers

Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=
Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
91
Content-Type
text/html; charset=utf-8
cksync.php
contextual.media.net/ Frame 88AD
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3413629198755270000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b2669404-b33d-4820-b9ef-bbd57d6337f4&cs=1
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=b2669404-b33d-4820-b9ef-bbd57d6337f4&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:01:59 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=b2669404-b33d-4820-b9ef-bbd57d6337f4&cs=1
Date
Thu, 26 Oct 2023 23:01:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame 88AD 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 88AD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
cksync.php
contextual.media.net/ Frame 88AD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=medianet
  • https://creativecdn.com/cm-notify?pi=medianet&tc=1
  • https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=o2g0GmPIRwy01iFgrxC2&pi=medianet&tc=1
52 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=o2g0GmPIRwy01iFgrxC2&pi=medianet&tc=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.79.88.129 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 26 Oct 2023 23:01:59 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&vsid=%7BMedia.net_User_id%7D&type=rbh&ovsid=o2g0GmPIRwy01iFgrxC2&pi=medianet&tc=1
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT, Thu, 26 Oct 2023 23:01:59 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 84CD 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 84CD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTrv5wRgoaySb5hTtNHEeAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL32naF9kNMIE0H-6HgF-BA&google_cver=1
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL32naF9kNMIE0H-6HgF-BA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AKZcd6rB26%2B%2FWi777TmL%2FE9yGEkNj44lWYfgLV0ZR4jptqO6JWdDTAPCz8XkOWYISiSPi5i5dgBWsScTRP%2BoZI0d7vb%2BeBzYqX%2Bazd0m71CfKEP7PM1dfKX6Wz4e9C6oAJE1%2BhZkgMtyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c653069e081db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL32naF9kNMIE0H-6HgF-BA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 84CD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTrv5wRgoaySb5hTtNHEeAAA%265260&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
34.202.8.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:02:00 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
Date
Thu, 26 Oct 2023 23:02:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
usermatchredir
ssum-sec.casalemedia.com/ Frame 84CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEpWgGy7F0J2MSqIUmuFFpY&google_cver=1
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEpWgGy7F0J2MSqIUmuFFpY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5mSxIDVtJJItd66tqXpha6cTbnL2Ft9Ta111EH9Vvam8enjPp%2BSNtqFDedVTc5bet0lnuWXwzoJkFLalj8iPQT1Sb9sm4sRpXgCDMVE7S%2FS80md0eeVpsN%2BF5C4q%2F2KE9fRQstj9t3rQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c653065dcc1db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEpWgGy7F0J2MSqIUmuFFpY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 84CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5270783453165889608
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5270783453165889608
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZp563O%2FLIIH4%2FIogfnPL1yfzQ28F0135Q2ZAEfSVxMVz4gmfLGeOxukgTsTLbQsut1VhKk5wY4I731DzOxfBX8pANtyF4LJrvCNqex31PbB%2Ba0fxG2bAt%2BdyXkyrAccPyhy72Oi"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c653065dc81db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
an-x-request-uuid
8a885248-142d-4f04-acef-bdf7519fcc84
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5270783453165889608
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame 84CD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3c57591cc3c218e2&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIaa5PmAxk0gM968-VAAAAAAA&expiration=1698447719&is_secure=true
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIaa5PmAxk0gM968-VAAAAAAA&expiration=1698447719&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hKZO6WmigRRPgoZs41jI8vrXsvFNT%2FZVQVtG4OxmbLUynFjsa7xHeoAdQdeYJrHF4BjM0WEAOOdUiu2bKJsZCZV5Ny2DK5WgvgjkI09CxwU%2BI%2BqfkNV1Uv8OLs8Uq3cUpw2SpQL"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c653069e071db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAIaa5PmAxk0gM968-VAAAAAAA&expiration=1698447719&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 84CD
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f710d9521cf742ce98679892821660aa&expiration=1700953319
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f710d9521cf742ce98679892821660aa&expiration=1700953319
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjlh6LGljgb2XW0kAGR%2BQd3X6yr2WKR781QsWRZo%2FIy0z7dEtx808tJCkEFJ1VCfWvUmViVGog4CTVa9EAD4dJdt%2B61PP1%2FChvBfSLN4HIN4BIwgj4ZQcOQ%2BliMwiFGL9SDRmNMtTrQxlA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c653067de01db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:58 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=f710d9521cf742ce98679892821660aa&expiration=1700953319
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 84CD 		43 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.161.173 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:59 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1698361319314056-406
Expires
Thu, 26 Oct 2023 23:01:59 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 84CD 		43 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTrv5wRgoaySb5hTtNHEeAAA%265260
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Foglobo.globo.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
3910
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81c6530648489180-FRA
content-length
43
expires
Fri, 27 Oct 2023 23:01:59 GMT
log
c21lg-d.media.net/ Frame 88AD 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=1081aca4-ddf6-4eb7-9bac-944f7a8c19ed&cs=15&vsid=3413629198755270000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C157%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C2045%2C3012%2C201%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C77%2C141%2C262%2C461%2C222%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 26 Oct 2023 23:01:59 GMT
content-length
35
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 1664 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c432691e211a3eeaf4586fedc6b57d548b36a63bf169fe88995c876a16ac6a2

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81c653076ec51db3-FRA
content-encoding
br
content-type
text/html
date
Thu, 26 Oct 2023 23:01:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FtkNQqoNLDy76u%2BzwUQeCPTK%2FJUW%2B3dWRkbET7PrBukK1tssEbx7ygtvDVbj0IZ2qRQENX19kp8K3bcqV0m9D0FF%2BTGOWVqIgUsPv1JtdDkSIkTs%2FJ7m93Mh7ihZepQxtorXX02Sq0vyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C5E4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 23:01:59 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 26 Oct 2023 23:01:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame F383 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RoXsD4lE2uGuYtjJRlj7qcF5_FZZ02Jg~A
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RoXsD4lE2uGuYtjJRlj7qcF5_FZZ02Jg~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
A-yE6UgNLOfxP_-pkoBrQ2PmFBdDpkNTjWHxVMyk5XbJhYywWnSr1g==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-RoXsD4lE2uGuYtjJRlj7qcF5_FZZ02Jg~A
date
Thu, 26 Oct 2023 23:01:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame F383 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
LBC-duI9o3uUZXTpwnWKC4toAIR-1lKef9GKt0GJwcwiT_wI8vRPiw==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D68405C29-7985-4838-B54E-3168FA288486
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=68405C29-7985-4838-B54E-3168FA288486
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=68405C29-7985-4838-B54E-3168FA288486
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
pW_dV5qo388VhRP0Z4vCkrQ5lXAsrXjgAz4RG-AhwQ6UO-xIJt_TeQ==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=68405C29-7985-4838-B54E-3168FA288486
date
Thu, 26 Oct 2023 23:01:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F383 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame F383
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-hXEpWCRE2uFHtTXFzDbgOZzY3.WQLurzrmBqEhg-~A
0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-hXEpWCRE2uFHtTXFzDbgOZzY3.WQLurzrmBqEhg-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
28iO8iOZ4FIcYc_Mu_5SSDyKmkNJakSdWGQRqsu-UgCo2J4WaRpCTg==
x-cache
Miss from cloudfront

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-hXEpWCRE2uFHtTXFzDbgOZzY3.WQLurzrmBqEhg-~A
date
Thu, 26 Oct 2023 23:01:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame 1664 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BFQKSJ77VC8R4DRQZXG8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
28292
i6.liadm.com/s/ Frame 1664
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTrv5wRgoaySb5hTtNHEeAAA%265260&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
34.202.8.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:02:00 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-mDAAeZHxdvVWIqL5c4I35FW8IvQrfgsje4ydVA
Date
Thu, 26 Oct 2023 23:02:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1664 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.209.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-209-83.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 1664
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270783453165889608
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270783453165889608
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJq98Z%2FsHKClaUfWdGZgMnQEx8S9r%2B8oksKcDLaRHQc71mRHRrjGy%2BKy2NvpXgPPbrkup%2FB0Du4ToNY4IxWfTXoJJGHej0VmgMzwSJsn7fIppYSAbCF6CibMdCMfVJNukp9KgsYwaVL70Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c65307bf011db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
an-x-request-uuid
d4315c6f-9d7e-4792-99ab-84adebc37188
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5270783453165889608
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1664
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7849898008418585844
43 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7849898008418585844
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWL4GkzSUCUeKYXcugj1Nji0ilWu5YbuuelLE5JTPyXOnt5LmrfPmdGESvwD0Cy2wTngMXWqpD5tAVIn0rGKOCbkrAWnA%2F6k4wDwZQVFbjSkEtzvM5pRZm1aB1dezFVT%2FtSSTDO78D11bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c65307cf0b1db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7849898008418585844
pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
bridge
cm.adgrx.com/ Frame 1664 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-5
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 1664 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.16.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-16-139.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 26 Oct 2023 23:01:59 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1664
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q7L7hvjhrdWwtKzWruPl0_y38dGwtf7R-7RPe_vo
43 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q7L7hvjhrdWwtKzWruPl0_y38dGwtf7R-7RPe_vo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjNaICD5LQ8whrUwkJP8K4z%2BDOXltiex6us99Y%2FOmN9NcXcK8pKZYnYgn1Zy31F7uIDSuPvXAGfUfG2DigBk6OSW2mrWY%2FpK8jtjDuISst3h26Wts%2B0I4xDWYIWvsyc6RlWgMc1uUoZY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81c65307cf0a1db3-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:01:59 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=q7L7hvjhrdWwtKzWruPl0_y38dGwtf7R-7RPe_vo
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 1664 		0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZTrv5wRgoaySb5hTtNHEeAAAFIwAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
ltNgbIqMcznoXxLjEb6Kr0E4YZPzhUuWdBIQ49YYwHJgEA9-X83FBA==
x-cache
Miss from cloudfront
usync.js
eus.rubiconproject.com/ Frame C5E4 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 23:01:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Oct 2023 22:56:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=86028
Connection
keep-alive
Content-Length
11053
Expires
Fri, 27 Oct 2023 22:55:47 GMT
khaos.json
token.rubiconproject.com/ Frame C5E4 		7 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LO7SGZG3-9-JCJ8
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
sync
usr.undertone.com/userPixel/ Frame C5E4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LO7SGZG3-9-JCJ8
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
18.66.97.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:01:59 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
content-length
0
x-amz-cf-id
pNFCK4pz5ZZb9uZnfeSuq_-LVFARttL9mONXeWLPbc78T1pCC6C6pg==
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LO7SGZG3-9-JCJ8
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
Expires
0
/
logs-01.loggly.com/inputs/27cf9a30-eb89-41a7-ba82-3280d33fb2cf/tag/https/ 		19 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logs-01.loggly.com/inputs/27cf9a30-eb89-41a7-ba82-3280d33fb2cf/tag/https/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.80.3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 26 Oct 2023 23:02:00 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length
19
Content-Type
text/html
async_usersync
ib.adnxs.com/ Frame 7B06 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 23:02:00 GMT
an-x-request-uuid
2fd6e8b8-4d8f-42da-a20c-1eaa6b818981
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.237.224; 176.115.237.224; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1464
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.19.96.35 , France, ASN16276 (OVH, FR),
Reverse DNS
haproxy03.cl13.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://oglobo.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 26 Oct 2023 23:02:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://oglobo.globo.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
SPug
simage4.pubmatic.com/AdServer/ Frame E502 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157163&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 23:02:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame E502 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=41881659&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 26 Oct 2023 23:02:02 GMT
content-length
47
content-type
text/html; charset=UTF-8
ping
ping.chartbeat.net/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Domain
aps.zqtk.net
URL
https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY3NTZhNjMtZjE3ZC0yNzkzLWY3MDQtZGVkZDVhMjllYjNl
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
ping.chartbeat.net
URL
https://ping.chartbeat.net/ping?h=oglobo.globo.com&p=%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml&u=DLWKR27f10_DcXimK&d=oglobo.globo.com&g=56624&g0=Rio&g1=Giulia%20Ventura%2C%20Paolla%20Serra%20e%20Rafael%20Soares&n=1&f=00001&c=0.25&x=0&m=0&y=10434&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-&b=7199&t=DmDoUe0ZSzFCMeCrBsolWD1ITql&V=141&tz=-120&_acct=anon&sn=2&sv=CJNgbICMYFk7D6J9GMBCeRhcrJnz1&sd=1&im=067bffff&_

Verdicts & Comments Add Verdict or Comment

671 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| documentPictureInPicture object| cdaaas object| HorizonClient object| utag_data function| globalWebdeps object| glb object| settings function| OneSignal string| ambienteUtilizadoPiano boolean| conteudoExclusivo string| nomeProdutoPiano string| tipoConteudoPiano string| nomeEditoriaPiano string| nomeSubeditoriaPiano object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| __oneSignalSdkLoadCount function| __jp0 object| header_data_globoid object| header_data_login_area_container object| oidcSettings string| gcomBarUseCustomUrl string| gcomBarcustomUrl string| gcomBarcustomUrlTitle string| gcomBarcustomUrlTitleColor object| usrData string| $igniter_var function| $p function| translateCanonicalUrl function| trackRecommendation function| renderRecommendation function| registerRecommendation function| applyRecommendation function| recommendationTrigger object| timeout function| recommendationListener string| NEWS_COMMERCIAL_NAME string| NEWS_SFE_NAME string| TEMPLATE_TYPE function| isMigratedContent object| el boolean| IsMigratedContent object| SETTINGS object| bstn boolean| BASTIAN_UBER_HEADLINE object| BASTIAN_INFO object| webpackChunkli_browser_client object| webpackJsonp object| regeneratorRuntime boolean| hasPaywall object| tp object| PaywallAnalytics object| tinyCpnt object| dataLayer object| Piano object| responseVariables object| SWG object| swgEntitlements object| ScrollSpy object| globoPage object| localStorageCache function| stringStartsWith function| isArray function| extendObjs object| ajaxCache object| tinyBasket object| manageElementClasses object| viewportSize number| myInnerWidth number| myInnerHeight function| fnSpriteSvgSuccess function| PhotoGallery function| setImmediate function| clearImmediate object| WM object| __core-js_shared__ object| core boolean| _babelPolyfill function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| googletag function| ___tp object| pbjs function| bannerLazyLoading function| disableLazyLoad function| enableLazyLoad boolean| libPubReady function| comScore object| ns_p object| BlockAdBlock object| blockAdBlock object| pbjsChunk object| _pbjsGlobals object| loadTimes function| convertRecAb object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm object| cX function| cxCCE_callQueueExecute object| cxTest object| ari object| ggeac object| google_tag_data object| google_js_reporting_queue object| PianoESPConfig object| glbUserAvatarCpnt object| regrasTiny string| _GALimite string| _GAContagem boolean| executouPageview undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 undefined| cXJsonpCB1 object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_143 object| Criteo object| Criteo_identitytag_143 object| __uid2SecureSignalProvider object| __uid2 function| $ function| jQuery function| changeBg function| checkIfTranslated object| horizonResources function| HorizonSendEvent function| HorizonSchedulePageLoadEvent object| editoraGloboAuthenticationLib object| __SENTRY__ function| _ object| commentsEl function| Bastian object| photogallery object| _gaq object| jQuery183016075407896016736 object| tv4 function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn object| cq function| GloboAB object| globoAB object| google_tag_manager object| hadron boolean| __halo_loaded__ string| GoogleAnalyticsObject function| ga undefined| arrayGloboId object| GlobalIvcNamespace function| ivc boolean| semPaywall object| bVejaMais object| observer object| config object| _sf_async_config string| user_type function| e object| el_mab object| _cbq number| _sf_endpt function| t object| marfeel function| fbq function| _fbq function| renderBanner function| insertPubInImage object| MAP_POSITIONS function| renderPositions boolean| ehMobile boolean| isMobile number| tempo boolean| fixed object| publicidadeFixa string| n object| d object| _taboola function| insertPubInText function| insertPubFloating function| insertTouchPoint object| taboolaEvents object| _tblConsole number| trc_debug_level object| TRC object| TRCImpl undefined| __startEngine boolean| __tblTrecsInit function| __trcDebug function| __trcError function| __trcInfo function| __trcWarn string| pm_pgtp function| onYouTubeIframeAPIReady string| nomeExperienciaBotao string| buttonValorImg string| buttonValorUrl function| getCookie function| hasCookie function| removeOldVersionsFromStorage function| insertUserDataOnDataLayer function| insertUserDataOnStorage function| getGloboIdFromCookie function| getUserDataFromLocalStorage function| getUserDataFromUsergate function| finishEvent string| HORIZON_RECOMMENDATION function| insertHorizonRecommendation function| notifyHorizonRecommendation object| au object| gaplugins object| Snowplow object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY string| alcn object| pageview object| adseen boolean| fromOther object| gasent object| dmcluster string| cookie_id boolean| ismobile function| __voxusTrackPage number| llapweiqpooqkw boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand undefined| _pm_ecd undefined| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| webpackChunk_marfeel_marfeel_sdk object| __mrfCompass function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam string| trc_article_id string| trc_item_url string| trc_map_url object| trc object| TTTagManager function| TTTagManagerError object| _ttq_ttGlobo object| permutive object| apntag object| __permutive function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| naveggReady object| _cbm object| webpackChunk_marfeel_compass_multimedia_sdk object| gaData object| libAnalytics boolean| libAnalyticsReady number| taboola_view_id object| commonSignals function| commonTracker function| sendCommonHit object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ string| usubida_domain object| usubidaPages string| clientDomain object| clientDomainWl object| subusubidaPages object| igpgs object| usubidaFBPixels string| voxus_key string| voxus_keypip string| client_id object| sgotasd boolean| logglyloadvoxus object| lastDataLoggly string| thisip object| getip function| getIP string| axel number| a function| sgarq object| intervalDocumentOnloadVoxusDsp function| voxusAnalyticsValidation boolean| sgarqRun function| checkEnterprise boolean| dataExcludeValidated number| intervalDataExcludeValidated boolean| interPixel boolean| interConversion boolean| igvxtst boolean| igvxgtst boolean| kopid boolean| kopiduh boolean| adinter boolean| sent_usubida boolean| sentloggly boolean| alihuadsa boolean| alihuadsanw boolean| pipcluster boolean| converted number| converted_gl number| retroative boolean| creativekaoq boolean| ___vx__runCVL boolean| sgotasdkaoq boolean| kopidCooked number| totalSes boolean| isicgt number| enterpriseId object| urlsToBloq number| redir number| imp number| attmob object| alcm object| alcc boolean| isChrome object| kiphouYiasO object| alvx2 object| alvx1 object| alvx3 boolean| lswf boolean| dc string| VOXUS_RTDT_DATA function| setisicgt undefined| fs string| __domain__ function| decodeURLComponentEscaped object| vxencd function| getParameterByNameVx__ undefined| acsBef object| u15PixelsApip boolean| utmInThisPage boolean| otnoreal undefined| u15I undefined| pipscript2 undefined| s undefined| __v undefined| sgotasdkaoqsplit undefined| ignoredPage function| __voxMainProc undefined| urlTrackerVx undefined| httptrk boolean| sgotasdExists string| dspHostPxl string| VezonHostPxl function| reloadPixels function| CookiesVx number| c2 number| c1 string| alcs string| alsd string| st string| sd string| cs string| cn string| cm number| targetingOnload object| cmds undefined| t3m_i object| _ttGlobo object| ttcNamespace object| container object| script object| script2 object| script3 object| googlefc number| intervalId object| GoogleGcLKhOms string| nam object| placementData string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| cmTag object| criteo_pubtag_prebid_139 object| Criteo_prebid_139 function| TTBase function| ttBaseE object| _ttqHolder object| _cm_wfCounters object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OWRmODk0Yzg1NTk2MTQxMGxvYWRlcl9qcw== string| OWRmODk0Yzg1NTk2MTQxMGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| tbopt function| Zepto object| Backbone function| startCMTagMain string| category function| OvaMediaPlayer object| WP3 object| WM_PLAYER_VIDEO_TAG_TEST_AUDIO object| WM_PLAYER_VIDEO_TAG_TEST_MUTE object| Clappr object| vttjs function| WebVTT object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog boolean| 05bd9a5f-d173-41ae-acd3-f2fc327e6804 object| google_image_requests number| logglyOnloadVoxusDsp

205 Cookies

Domain/Path Name / Value
oglobo.globo.com/rio/noticia/2023/10/19 Name: _gada_ses.8e9a
Value: *
oglobo.globo.com/rio/noticia/2023/10/19 Name: _gada_id.8e9a
Value: 3456a114-e8ba-4171-af6b-7ffde5d4a151.1698361309.1.1698361309.1698361309.57ce0116-e66b-4ad6-a862-ff0518af870d
oglobo.globo.com/rio/noticia/2023/10/19 Name: privAu
Value: 0
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID
Value: c7415cb2-46b7-445e-bbbd-ae4b8cd031ca.mig-rhsso-cache-prod-mhsl
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID_LEGACY
Value: c7415cb2-46b7-445e-bbbd-ae4b8cd031ca.mig-rhsso-cache-prod-mhsl
.taboola.com/editoraglobo-oglobo/ Name: taboola_session_id
Value: v2_ccda3bd07479acb731e201c9739c20c3_57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e_1698361310_1698361310_CNawjgYQlv9JGIL34_G2MSABKAEw4QE4kaQOQLe-DkjdztkDUPgDWABgAGjM5NTS6dDlyd4BcAE
.liadm.com/j Name: lidid
Value: d2507d13-5a5b-4952-b544-979b3f5441f0
.onesignal.com/ Name: __cf_bm
Value: DNOuT5JERIwRwVwE82Ua0b_6Msm3wc516EN56ARYQWw-1698361303-0-AbCH7OrndXUl9FcZYlbCoI2Yyh+sJ2W9c5mvDF6vkcE2xiCA4dlefVtPLGYxoOc7JE/o39oOFyVm2L8jMNucGWU=
.globo.com/ Name: _igt
Value: 671c2b1a-07a3-4b3e-f204-d43e3814b47e
.globo.com/ Name: _ig
Value: 48c8b322-6e65-4d94-8dfc-cdcc42507cb4
.globo.com/ Name: _pc_randomCookieForPiano
Value: cookieB
.globo.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIEYOBWAJh44A2QQAYRADgAsggMyjJAdhABfIA
.globo.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lo7sgxtg29kji42w%22%7D
.globo.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.globo.com/ Name: pbjs_sharedId
Value: 98536ede-4442-4946-ba86-d40cee812f74
.globo.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
oglobo.globo.com/ Name: __adblocker
Value: false
.piano.io/ Name: __cf_bm
Value: cClNy0eCeKrOOLIEXdOWylm26l8OotrxNMMJqPixMpA-1698361305-0-AbOcK9KLdoBbNoV34VKqni2gbr+gY+XFLQ+Tgr4W/ZQ07wm6qW+TS2MDpmTONiJJWRcS29RYY7VenamcFkgD59o=
.globo.com/ Name: __tbc
Value: %7Bkpex%7DAtADb8sI8sxN3SIq7TeRfyCWDj4X_PaoJ1jAsx05Rl_Ofe97V6sqLXT1dCNQV9W9
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: eyJpZCI6InYtbG83c2d4dHZuNTh6ZW1yMCIsImRvbWFpbiI6Ii5nbG9iby5jb20iLCJ0aW1lIjoxNjk4MzYxMzA1Mzg5fQ%3D%3D
.globo.com/ Name: xbc
Value: %7Bkpex%7DQuY5hZqk4FQEprPt2-1hpE3kUd-naQRc-5_6NF6z0hrJuvh6xR_SuoHl13GwSTmYq1r5BTyDKKSc9PW4ivhPDgeIKKLi36pJzQMFyj7LO98WQPr_qQNUTlJD9-9x79IPxHLsFus2y9EEu4F4AiYmNVe6hjXnHmQ-3LZh1nsZktrXdwc23kcshIaSVpYe2sUMw4Ro4luRtqytXKrQLHkI29aH4BKbsOZ7CXnss64zXOFhj5mlg2cj4u8X9yXf7EZdRMtGppJvsU-r8va3LTgVwFO7M6fZ6eAjVCLJ6nwmjKtDIJZrZzKGPoC8S-qMZhzwKGaeEsQChofuCWOtH57jyMsV3ABZe4IjxR2AMQaFGOasY6-Uh43gyj0uIy2Us5EfQ9dqM_-Ow1yzePi1TKIQwSnZLky7JvaY0DOY0LVv9HMH3KLXG7vWyRDQ_hpEahgsTMCFVRJBslz5pEtguvoyDr0g0V9erkP9KJFF91IvHtaIUQoRbJ3NjU1Fc_xXSXAg
oglobo.globo.com/ Name: _pc_newswall_b
Value: true
.globo.com/ Name: cX_P
Value: lo7sgxtg29kji42w
.globo.com/ Name: lotame_domain_check
Value: globo.com
.cxense.com/ Name: gckp
Value: 1kxmfwxponof1vmnj3anjzqzl
.globo.com/ Name: cX_G
Value: cx%3A746q6x46nq4t3tki5hnbv7gui%3A2bb2bku9m5c9f
.openx.net/ Name: i
Value: 89b686f0-918d-46c0-b832-4c8cf4ec16a3|1698361305
.globo.com/ Name: __gads
Value: ID=2c4527b28f861de0:T=1698361305:RT=1698361305:S=ALNI_MbMrATG-CZl3k8e9UCgtgzKkTBCVA
.globo.com/ Name: __gpi
Value: UID=00000ca9fd040cec:T=1698361305:RT=1698361305:S=ALNI_MaRMr9VQqPMTXEkFpMQOzPmPmbpgA
.doubleclick.net/ Name: IDE
Value: AHWqTUnv4DT7cZF-FBmUlKNc_kVj3J8XY7tJrnmpD4LKYjGtJhUE75LPS6uXejeGn1U
.globo.com/ Name: kppid
Value: 38105120137109138254
.globo.com/ Name: hsid
Value: ad5f9d87-cdf5-4b0b-9695-efbf9b00e6c6
oglobo.globo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.globo.com/ Name: _li_dcdm_c
Value: .globo.com
.globo.com/ Name: _lc2_fpi
Value: be2f1ac8945b--01hdq3htx0gtr7xz8wgkm312yh
.globo.com/ Name: _pubcid
Value: ae0777c5-b9e7-4908-8d21-43cf5fe09bd5
.criteo.com/ Name: uid
Value: 772374af-2e17-43d0-a662-08316d0352b8
.prebid.a-mo.net/ Name: __amc
Value: 1_1698361306_1698361306
.rubiconproject.com/ Name: khaos
Value: LO7SGZG3-9-JCJ8
.liadm.com/ Name: lidid
Value: d2507d13-5a5b-4952-b544-979b3f5441f0
ads.resetsrv.com/ Name: ckbk
Value: 000001189E344B35
.tinypass.com/ Name: LANG
Value: pt_BR
.tinypass.com/ Name: LANG_CHANGED
Value: pt_BR
.globo.com/ Name: __li_idex_cache
Value: %7B%7D
.oglobo.globo.com/ Name: _cb_oglobo
Value: DLWKR27f10_DcXimK
.oglobo.globo.com/ Name: _chartbeat2_oglobo
Value: .1698361308817.1698361308817.1.CJNgbICMYFk7D6J9GMBCeRhcrJnz1.1
.oglobo.globo.com/ Name: _cb_svref_oglobo
Value: null
.globo.com/ Name: ___nrbic_1464
Value: %7B%22previousVisit%22%3A1698361308%2C%22currentVisitStarted%22%3A1698361308%2C%22sessionId%22%3A%22309d7a86-cf17-407e-a67b-a94e5cc1dc09%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-%22%2C%22referrer%22%3A%22%22%7D
.globo.com/ Name: compass_uid
Value: bc15cb41-32de-443b-ae9c-1af19e60b28e
events.newsroom.bi/ Name: 1464_u
Value: bc15cb41-32de-443b-ae9c-1af19e60b28e
events.newsroom.bi/ Name: 1464_lv
Value: null
events.newsroom.bi/ Name: 1464_ut
Value: 0
.globo.com/ Name: _fbc
Value: fb.1.1698361309396.IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
.globo.com/ Name: _fbp
Value: fb.1.1698361309398.788365593
.adfarm1.adition.com/ Name: UserID1
Value: 7294406278956382351
.simpli.fi/ Name: suid
Value: 724B2D43DB354FDEB412D05B410B47C9
.globo.com/ Name: glb_uid
Value: "mOIybSoF3IG2a6B3L6hKjhZYcBdbLnyvG1BTHxSSc14="
cocoon.globo.com/ Name: GCLB
Value: "3cffc5384cc9de3e"
.globo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.globo.com/ Name: _ga
Value: GA1.2.233865381.1698361305
.globo.com/ Name: _gid
Value: GA1.2.915941492.1698361310
.navdmp.com/ Name: nid
Value: 138a3db9a4af794157893b233b10|0|326
.globo.com/ Name: _dc_gtm_UA-51216819-1
Value: 1
.globo.com/ Name: _dc_gtm_UA-51216819-16
Value: 1
.globo.com/ Name: _gat_pianoTracker
Value: 1
.globo.com/ Name: nav13574
Value: 138a3db9a43357b25c2226fef610|2_301
.globo.com/ Name: _ga_SL5WEXQ2G6
Value: GS1.1.1698361308.1.1.1698361309.0.0.0
.krxd.net/ Name: _kuid_
Value: P4P9x_HL
.globo.com/ Name: permutive-id
Value: 4323f97c-a72f-4f0e-adc4-dbb150e06a4f
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/ Name: pxid
Value: 8d35b4d3-8917-4e77-a69c-8f171ce58aca
.youtube.com/ Name: YSC
Value: hybVIMjSt7Y
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: l7M7CvTTahQ
.globo.com/ Name: _hzt.interval
Value: 20000
.taboola.com/ Name: t_gid
Value: 57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
.taboola.com/ Name: t_pt_gid
Value: 57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
.globo.com/ Name: voxusmediamanager_ignore
Value: true
.globo.com/ Name: voxusmediamanager_ignoreot_full
Value: true
.globo.com/ Name: GLBEXP
Value: fgZhWy/Wqwf/e3K03IbxIdRLw5zEyrMZiunRZN3WC7I=
events.newsroom.bi/ Name: 1464_s
Value: 309d7a86-cf17-407e-a67b-a94e5cc1dc09
oglobo.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D57138042-c30d-43f1-be24-21ef5e74f65c-tuctc34755e
oglobo.globo.com/ Name: tt_c_vmt
Value: 1698361311
oglobo.globo.com/ Name: tt_c_c
Value: direct
oglobo.globo.com/ Name: tt_c_s
Value: direct
oglobo.globo.com/ Name: tt_c_m
Value: direct
.adscale.de/ Name: uu
Value: fe55e536d3734bb6a9bde133abe07ccb
.adscale.de/ Name: cct
Value: 1698361311074
.bidswitch.net/ Name: tuuid
Value: bad84a7b-c6a6-4560-ba86-f3d98e7e8a83
.bidswitch.net/ Name: c
Value: 1698361311
.bidswitch.net/ Name: tuuid_lu
Value: 1698361311
.mfadsrvr.com/ Name: tuuid
Value: b2669404-b33d-4820-b9ef-bbd57d6337f4
.mfadsrvr.com/ Name: c
Value: 1698361311
.mfadsrvr.com/ Name: tuuid_lu
Value: 1698361311
.mfadsrvr.com/ Name: ssh
Value: !taboola,1698361311
.contextweb.com/ Name: V
Value: WukvYO4SRmRK
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 11ea7f144c8dfcd3
oglobo.globo.com/ Name: _ttuu.s
Value: 1698361311338
.3lift.com/ Name: tluid
Value: 823970699143373719435
.creative-serving.com/ Name: tuuid
Value: 7b9e1ac4-2084-46cf-8b96-eb45588ccf5a
.creative-serving.com/ Name: c
Value: 1698361311
.creative-serving.com/ Name: tuuid_lu
Value: 1698361311
.postrelease.com/ Name: visitor
Value: 97623458-e9ce-44fe-9925-1fef4af1da9b
.postrelease.com/ Name: status
Value: 0
.t.tailtarget.com/ Name: _ssc
Value: y
.mediago.io/ Name: __mguid_
Value: 2a46ab349791394c2rm23000lo7sh2x1
.tt-12842-2.seg.t.tailtarget.com/ Name: trk
Value: i/GhaYRnsf4g0uRCqv1Gmw==
.t.tailtarget.com/ Name: u
Value: fwAAAWU679926gbqG4r2AgB=
.yahoo.com/ Name: A3
Value: d=AQABBN_vOmUCEBi7CqFV3JmS7v_IVyd1crYFEgEBAQFBPGVEZQAAAAAA_eMAAA&S=AQAAAoiDWDpk2yw2NSlQ6uWdbL0
oglobo.globo.com/ Name: tt.u
Value: 0100007FDFEF3A65A306819002A50615
.globo.com/ Name: cto_bundle
Value: lCjGJl9aYVNOUG13Rms5Zlg0cDRRZm4xV1ZGcmE0WFpHYlpqcThnUVcyakNhWUZtWW00RDZhd1A2UnlWcGMlMkIzN3lDWks1WTMzYkpqcGZOOTlhN2JORmZkN1dPN2wxaFN2aXpFeHJXUWpUTENseGxQZDElMkJHVGxteThJUHIyeTY4N2E5Z3dzeTk2SVZMU1RtWExyNTE3T1JwWVpnJTNEJTNE
.t.tailtarget.com/ Name: ttbprf
Value: __north rhine-westphalia_de_1698361311979_2960387552
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
oglobo.globo.com/ Name: _lr_retry_request
Value: true
oglobo.globo.com/ Name: _lr_env_src_ats
Value: false
.globo.com/ Name: __li_idex_cache_e30
Value: %7B%7D
oglobo.globo.com/ Name: pbjs_li_nonid
Value: %7B%7D
oglobo.globo.com/ Name: tt.nprf
Value:
.voxus.tv/ Name: _dmp_
Value: 16983613128680.5250230095356077vax0wygdfti
.voxus.tv/ Name: voxusdsp_ret2
Value: [["2057","2023-10-26 23:01:52"]]
.globo.com/ Name: voxusmediamanager_id
Value: 16983613128680.5250230095356077vax0wygdfti
.adnxs.com/ Name: uuid2
Value: 5270783453165889608
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 68405C29-7985-4838-B54E-3168FA288486
.openx.net/ Name: pd
Value: v2|1698361313|gu
.tt-12842-2.seg.t.tailtarget.com/ Name: ttca
Value: CA19071_1698361313
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-42a6c70d-6466-4525-9714-4f1b30e87069-003%22%7D
.adform.net/ Name: C
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.lijit.com/ Name: ljt_reader
Value: HjYlrQZHGuu7Gtm9QB6ROAPe
.tapad.com/ Name: TapAd_TS
Value: 1698361313357
.tapad.com/ Name: TapAd_DID
Value: 8a6dfb83-caca-4f6c-9558-12bda69f2e88
.turn.com/ Name: uid
Value: 7849898008418585844
.adform.net/ Name: uid
Value: 1337544187735000128
.bidr.io/ Name: bito
Value: AAEXck7KdeAAABlVXBZoxQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-42a6c70d-6466-4525-9714-4f1b30e87069-003%22%7D
.lijit.com/ Name: _ljtrtb_80
Value: LO7SGZG3-9-JCJ8
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxPN1NHWkczLTktSkNKOCIsImV4cGlyZXMiOiIyMDI0LTAxLTI0VDIzOjAxOjUzWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEwLTI2VDIzOjAxOjUzWiJ9
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ369GueCBwsEJ1CFcnc4nQ61J7tyuz9oCPK_roS04xhW5PKpIGr2rwGDk5QC4TM1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3df4e4a1-b3a9-52c7-402a-0a46edbd144f.luh8qn9botvJ%2B%2F9ZKlynsEogBWzLjt%2BJ%2FLJB8l4sVYw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3df4e4a1-b3a9-52c7-402a-0a46edbd144f.luh8qn9botvJ%2B%2F9ZKlynsEogBWzLjt%2BJ%2FLJB8l4sVYw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APfTkobOpUsdAKgpG7b0UT7Bz7eA.9b46M5Gu6POpveyvBcHk%2B7Nc2PqzSIEVY7%2BC%2BVVgidI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APfTkobOpUsdAKgpG7b0UT7Bz7eA.9b46M5Gu6POpveyvBcHk%2B7Nc2PqzSIEVY7%2BC%2BVVgidI
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINMkMumVpXMYLQypZQKOQXX7-TTZPG28ulvTna9ATheTEHwYBCDh3-upBjABOgSSgrqOQgTrzNzp.Z0YoJylZCXaXeRMLTeUDFrXgtK%2BwvmNW2K9r%2FH6bxe4
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKINMkMumVpXMYLQypZQKOQXX7-TTZPG28ulvTna9ATheTEHwYBCDh3-upBjABOgSSgrqOQgTrzNzp.Z0YoJylZCXaXeRMLTeUDFrXgtK%2BwvmNW2K9r%2FH6bxe4
.amazon-adsystem.com/ Name: ad-id
Value: A2BQe-TlDUR2i6yQzlWl-Zo
.globo.com/ Name: voxusmediamanager_acs
Value: true
.globo.com/ Name: ___nrbi_1464
Value: %7B%22firstVisit%22%3A1698361308%2C%22userId%22%3A%22bc15cb41-32de-443b-ae9c-1af19e60b28e%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1698361308%2C%22timesVisited%22%3A1%2C%22userType%22%3A0%7D
.ipredictive.com/ Name: cu
Value: 134a2bf7-adc7-4400-bfcd-dfca7b0d7358|1698361313704
.linkedin.com/ Name: bcookie
Value: "v=2&94317c80-5ead-41e8-843c-1059b70c7aa6"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2658:u=1:x=1:i=1698361313:t=1698447713:v=2:sig=AQEII1OpKi8aof4DhUNyifRwMSeMIPqF"
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2E>8x:STy!fsuh$e(rxPl[h>oaUgZoTtv*5a4*rIb?V[jJipY_7Q<-x:NzF%(3]^%6lPU.w(F*
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2epb:19e0~2epb:18z8~2epb"
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqTpHs6i5VmHmVQ8wAZyi55Qg/m6WRlI6V/Yn8wEWol1/qRZ8tUC+YFGufBhvyYO7PggJ3pD4CYm+Q9UIzQv+Ek+WbVps3Kg00JrHenJgWdLQ==
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5270783453165889608&KRTB&23339-5270783453165889608
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7294406278956382351&KRTB&23369-7294406278956382351
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1337544187735000128&KRTB&23263-1337544187735000128&KRTB&23481-1337544187735000128
.weborama.fr/ Name: AFFICHE_W
Value: GaDsfveFQL4Z47
.primis.tech/ Name: csuuid
Value: 653aefe227fd2
.t.tailtarget.com/ Name: n
Value: 1698361314
.quantserve.com/ Name: d
Value: EMkBCwGjKvijAA
.quantserve.com/ Name: mc
Value: 653aefe2-3d13d-4a096-266f3
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-PfTkobOpUsdAKgpG7b0UT7Bz7eA&KRTB&23334-PfTkobOpUsdAKgpG7b0UT7Bz7eA&KRTB&23417-PfTkobOpUsdAKgpG7b0UT7Bz7eA&KRTB&23426-PfTkobOpUsdAKgpG7b0UT7Bz7eA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHoNORSBYYvZTsTH_823RAU&KRTB&23025-CAESEHoNORSBYYvZTsTH_823RAU&KRTB&23386-CAESEHoNORSBYYvZTsTH_823RAU
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar&KRTB&19420-gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar&KRTB&22979-gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar&KRTB&23403-gUBGl9ITEMSaRhHHhBFYwtZFTMCaR0PA0UaLmRar
.audrte.com/ Name: arcki2
Value: ighxdigS-8pSUO5pBOqJDjQgw!20220908!1698361314482!ip#176.115.237.224
.audrte.com/ Name: arcki2_pubmatic
Value: 68405C29-7985-4838-B54E-3168FA288486!20220908!1698361314485
.globo.com/ Name: voxusmediamanager__ip
Value: 176.115.237.224
.globo.com/ Name: FCNEC
Value: %5B%5B%22AKsRol9Z-_cT0a7K0iUUaUZ4qt8TUKAji53HhzlIp_gMVNHLtTHNapRgrC4lrfxziKX_fXTMEMuc74U75K3bMNtGqiWYSTiPRo-crmKlXkWy4rI5OwXoJsDse9m48LH7CYsPzO2h8yGwCoXIvRF8qJZshH7RXVeTpQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.audrte.com/ Name: arcki2_ddp2
Value: ighxdigS-8pSUO5pBOqJDjQgw!20220908!1698361314668
.audrte.com/ Name: arcki2_adform
Value: 1337544187735000128!20220908!1698361314832
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 157163:4
.pubmatic.com/ Name: DPSync3
Value: 1699488000%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1699488000%3A234_251_56_55_166_254_161_46_220_54_3_21_8_13_233_264_88_81_214_238_176_71_22_165%7C1700870400%3A203%7C1699142400%3A63%7C1699574400%3A35%7C1698883200%3A223_2_15
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7849898008418585844&KRTB&23150-7849898008418585844&KRTB&23527-7849898008418585844
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTrv5AAawKyvHwA_
.de17a.com/ Name: guid
Value: 1.4207548800602511053
.adx.opera.com/ Name: UID
Value: OPUa36e177cac3a483893a1adb5f5360365
.semasio.net/ Name: SEUNCY
Value: B5261451E5202D2
.adsby.bidtheatre.com/ Name: __kuid
Value: c14c7f45-eec2-49e1-b101-c45f73d28376.467575317
.onaudience.com/ Name: cookie
Value: e01d66f7ee883c26
.onaudience.com/ Name: done_redirects147
Value: 1
.ctnsnet.com/ Name: cid_f710d9521cf742ce98679892821660aa
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUa36e177cac3a483893a1adb5f5360365&KRTB&23485-OPUa36e177cac3a483893a1adb5f5360365&KRTB&23524-OPUa36e177cac3a483893a1adb5f5360365
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-4207548800602511053
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlhbGZobGhuYWAJAHxbZUIQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1Mjc0sDCyMDAxNhLiM9T1cDdMNs93zU92y4oCAEuwhtQlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1Mjc0sDCyMDAxNhLiM9T1cDdMNs93zU92y4oCAEuwhtQlAAAA
.zeotap.com/ Name: zc
Value: 284e6ab6-9357-4c1a-7449-0858259d073c
.smartadserver.com/ Name: pid
Value: 3986165594677749192
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAEXck7KdeAAABlVXBZoxQ
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588527108280432
.onaudience.com/ Name: done_redirects104
Value: 1
.dotomi.com/ Name: DotomiTest
Value: 10f0f8c0fed5162d
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nn6|7dN.0.AAEXck7KdeAAABlVXBZoxQ
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAI1xq_ayFC6wMAXrqbAAAAAAA&KRTB&22713-AAAI1xq_ayFC6wMAXrqbAAAAAAA&KRTB&22715-AAAI1xq_ayFC6wMAXrqbAAAAAAA&KRTB&23519-AAAI1xq_ayFC6wMAXrqbAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-kODCF8PznabQUUMTnnSSYjXU
.pubmatic.com/ Name: PugT
Value: 1698361317
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEXck7KdeAAABlVXBZoxQ
.pubmatic.com/ Name: SPugT
Value: 1698361316
.tribalfusion.com/ Name: ANON_ID
Value: aTnt6ZaNj6WlCyhURB1xU20jXJLZbrQ5Y02mbktDRTY9KGQdR4uQXHfR2OqUTlZcmhwvZbbNEYAAnfZds7ERsO5AqMXCOfpQY

22 Console Messages

Source Level URL
Text
deprecation warning URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js(Line 24)
Message:
Listener added for a synchronous 'DOMCharacterDataModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d74ccc4990474677d3b1e31c2673c5e5.js(Line 24)
Message:
Listener added for a synchronous 'DOMCharacterDataModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://buy.tinypass.com/checkout/template/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://buy.tinypass.com/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:oglobo:desktop:multicontent:ep/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:oglobo:desktop:multicontent:dinamico/chooseAndIncrement
Message:
Failed to load resource: the server responded with a status of 422 ()
javascript error URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Access to XMLHttpRequest at 'https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://aps.zqtk.net/92bb6886-83?url=https%3A%2F%2Foglobo.globo.com%2Frio%2Fnoticia%2F2023%2F10%2F19%2Fpf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml%3Ffbclid%3DIwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://cdn.tinypass.com/api/tinypass.min.js
Message:
The PerformanceObserver does not support buffered flag with the entryTypes argument.
javascript error URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://capi.connatix.com/us/pixel?puid=LO7SGZG3-9-JCJ8&pId=11&gdpr=&gdpr_consent=&us_privacy=&gdpr=0&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc' (redirected from 'https://taboola-d.openx.net/v/1.0/av?auid=541033705&gdpr=0&us_privacy=1---') from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://oglobo.globo.com/rio/noticia/2023/10/19/pf-e-gaeco-fazem-operacao-contra-agentes-da-policia-civil-e-advogado.ghtml?fbclid=IwAR0oP5dQYGfinWNMAbCOj0MtFsUqsVaEd-
Message:
Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY3NTZhNjMtZjE3ZC0yNzkzLWY3MDQtZGVkZDVhMjllYjNl' (redirected from 'https://taboola-d.openx.net/v/1.0/av?auid=543846819&gdpr=0&us_privacy=1---') from origin 'https://oglobo.globo.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY3NTZhNjMtZjE3ZC0yNzkzLWY3MDQtZGVkZDVhMjllYjNl
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=68405C29-7985-4838-B54E-3168FA288486&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/710489.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05c502ba649bf3c992463b0855105ee3.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.resetsrv.com
ads.rubiconproject.com
ads.stickyadstv.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.ipify.org
api.permutive.com
api.rlcdn.com
api.voxus.tv
aps.zqtk.net
b.t.tailtarget.com
b1sync.zemanta.com
barra.globo.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c158ea1cff12ac6e000a5a7ae41ec1a6.safeframe.googlesyndication.com
c2.piano.io
c21lg-d.media.net
capi.connatix.com
casale-match.dotomi.com
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.cxense.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn.permutive.com
cdn.petametrics.com
cdn.prod.uidapi.com
cdn.taboola.com
cdn.targeting.voxus.com.br
cdn.tinypass.com
cdn.undertone.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ch-match.taboola.com
ch-trc-events.taboola.com
ch-vid-events.taboola.com
client.aps.amazon-adsystem.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
cocoon.globo.com
comcluster.cxense.com
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.media.net
cs.minutemedia-prebid.com
cs.yellowblue.io
csm.eu.criteo.net
csync.loopme.me
d.tailtarget.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.t.tailtarget.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
events.newsroom.bi
experience.tinypass.com
fastlane.rubiconproject.com
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gadasource.storage.googleapis.com
globo-ab.globo.com
globo-mab.globo.com
google-bidout-d.openx.net
green.erne.co
gum.criteo.com
hb.undertone.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
htlb.casalemedia.com
i.imgur.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.cxense.com
id.globo.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
idx.liadm.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imageproxy.eu.criteo.net
imasdk.googleapis.com
imprchmp.taboola.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
ivccf.ivcbrasil.org.br
jadserve.postrelease.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
logs-01.loggly.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
medianet-match.dotomi.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
oglobo.globo.com
onesignal.com
onetag-sys.com
p.glbimg.com
p.rfihub.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
query.petametrics.com
region1.google-analytics.com
rp.liadm.com
rtb-csync.smartadserver.com
rtb.fr3.eu.criteo.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s.tribalfusion.com
s2-oglobo.glbimg.com
s3.amazonaws.com
s3.glbimg.com
sb.scorecardresearch.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.criteo.net
static.infoglobo.com.br
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
t.pubmatic.com
t.tailtarget.com
taboola-d.openx.net
tag.navdmp.com
tags.crwdcntrl.net
tags.t.tailtarget.com
targeting.voxus.com.br
targeting.voxus.tv
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
tt-12842-2.seg.t.tailtarget.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usergate.globo.com
usr.navdmp.com
usr.undertone.com
vidanalytics.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
www.youtube.com
x.bidswitch.net
ad.mrtnsvr.com
api.rlcdn.com
aps.zqtk.net
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
csync.loopme.me
ping.chartbeat.net
100.24.133.143
104.16.14.243
104.16.89.20
104.17.119.17
104.17.194.118
104.17.24.14
104.18.176.126
104.18.214.59
104.18.25.173
104.18.36.155
104.18.38.76
104.18.41.104
104.18.41.170
104.21.50.90
104.22.24.87
104.22.29.151
104.22.52.86
104.79.88.129
104.79.89.214
108.138.1.25
108.177.15.155
124.146.153.163
13.107.42.14
13.32.119.77
13.32.121.46
13.32.121.90
13.32.99.20
141.226.124.48
141.226.224.32
141.226.228.48
141.94.170.77
141.94.240.141
141.95.98.65
142.250.181.226
142.250.181.238
142.250.184.194
142.250.184.206
142.250.185.131
142.250.185.138
142.250.185.174
142.250.185.74
142.250.185.97
142.250.186.100
142.250.186.130
142.250.186.187
142.250.186.46
142.250.186.65
142.250.74.206
146.75.116.193
147.75.84.158
151.101.1.108
151.101.130.49
151.101.65.44
151.101.66.202
151.139.128.10
157.240.0.35
157.240.252.13
162.19.138.120
162.19.96.35
162.55.120.196
167.235.124.61
167.99.21.53
172.217.16.193
172.217.16.195
172.217.23.104
172.64.160.4
172.64.207.9
172.67.159.162
172.67.23.234
172.67.36.110
173.231.16.77
178.250.1.11
178.250.1.15
178.250.1.17
178.250.1.25
178.250.1.3
178.250.1.6
178.250.1.8
178.250.1.9
178.250.7.12
18.245.60.107
18.245.64.124
18.66.97.18
18.66.97.65
185.184.8.90
185.64.189.112
185.64.189.226
185.64.190.79
185.64.191.210
185.86.138.154
185.86.139.59
185.86.139.94
186.192.81.117
186.192.90.3
186.192.91.5
186.192.91.9
192.132.33.69
193.0.160.130
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2.16.2.120
2.23.8.228
2.23.8.24
20.127.253.7
201.7.177.244
208.93.169.131
213.155.156.164
213.19.162.44
216.239.34.36
216.52.2.16
216.52.2.39
216.58.212.130
23.210.115.50
23.212.88.20
23.36.232.182
23.37.63.179
23.55.161.173
3.121.136.63
3.125.217.113
3.126.32.212
3.66.9.9
3.75.62.37
34.102.146.192
34.102.185.99
34.102.253.54
34.107.254.252
34.110.201.227
34.111.113.62
34.111.129.221
34.120.107.143
34.120.63.153
34.149.50.64
34.151.224.123
34.192.97.180
34.202.8.31
34.253.64.164
34.95.229.88
34.96.70.87
34.98.64.218
35.167.11.164
35.186.193.173
35.190.14.224
35.190.39.111
35.198.44.170
35.198.52.213
35.201.123.184
35.204.158.49
35.208.249.213
35.211.79.33
35.227.252.103
35.241.9.51
35.244.153.86
35.244.159.8
35.244.174.68
35.244.193.51
37.157.3.26
37.252.171.52
44.216.72.29
44.241.21.199
46.228.164.11
46.228.174.117
50.31.142.31
51.222.80.231
51.89.9.254
52.18.209.83
52.217.204.176
52.223.40.198
52.28.245.130
52.3.75.156
52.46.128.147
52.48.43.143
52.49.194.113
52.51.16.139
52.59.9.110
52.71.139.182
52.94.222.140
54.145.89.160
54.157.140.221
54.165.78.186
54.225.37.209
54.236.80.3
54.77.100.160
63.215.202.146
63.33.100.143
64.158.223.137
64.202.112.255
64.227.64.62
65.9.66.97
65.9.92.211
67.202.105.22
69.173.144.139
69.173.144.165
69.173.151.100
72.251.241.196
76.223.111.18
77.243.51.121
82.145.213.8
85.114.159.118
91.228.74.206
98.98.134.243
99.86.4.128
0194f5d52e54edd2478db90ef977636f7db8a20dceccc555ba7263c9fa465122
021927fa178b249ba181afdcc0b7b5106ceb6e141d0a1c805e034787a6f3367b
039a2d3b0a025c36845720df9d5d8253ed0accd2b7e37cb76c6d2d8cc137e7b8
03a6abf7971ff5a994b62a398c9c7b20ac4a4d7e64480af337b1386deabe3fa0
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
047161f5db1dae5ba25f3619620d4158ad402001c42228fc757a2559638454dc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0905f8d2dbf6c1d887bef1a7ab12eb7a561773304079cd230ecb527bb2a74e73
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09cec2de6f7dbe62bdaca938b78b08072f6b5723179950584930b1e21733a5b8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba44cc22b30c7ef8e540e50e57a2ebde74fa5e1cbf1fc41778e01e97ef1811e
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c1777112b4059996b726d5a6dd5f4cf19bf28bef59d1b11c827921c1108feff
0c85c630601edab15e8aa2e0a5ab14ae6168816700c3b2a2bb4983cdc2b11acd
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0df11c02060a791e8f0030369c3e3ac91ea4578eeef59e5517f8c8185c53f383
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0e725d8045e8d685d34b2de3af3c5384ed598260e71cd3d4fb4ffd08591d5010
0ebfa34d722a9d1feadeb94df85dc11ccdf53a7ca5a4bc73caa9eadbac148c6e
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
12b5a3f253130a33c87aaa474c8f349ccbfdc46217ee2daf7551303ec68ce2de
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
142f8494fc200b226bac847dbd9e33ebb086f6f268de92cd06c5a53b74bd191e
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
17d69d3fe3b171a29d7a763654995ae19af195c11dd285969953d8e916abb2b7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353
1965c07b93028ee4a07369a701035378b87d01874bed6d5a76f2c00d70670412
1a8b1a5d057124c55e6627c62b0e5799deb5734f067672416c12cdb1458c4e4d
1c432691e211a3eeaf4586fedc6b57d548b36a63bf169fe88995c876a16ac6a2
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f85022ac62cf89e1e679ad1ec8e9d622910f2e9f24c3d17e3b2f91089ff1440
1ff5fc550fc9f3c7fea90f8b5d2d43aaf80e5d6e9ee9202337f11314a46c03b3
202d55eefdb855849ab9d7cd04d7c134bf4d7c96848b4ae0905c45be006f5c31
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
21cc702ac08ea8e5ff3e8227593664605b228ff93528b339ee4571abead3f19f
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
224851ee88cb496b4933c2a5d945f5df94e7c17db34362c2b1d230154455a659
232731744ff2ee522dd590b07020c026e8392504526c29eaf2bf11d3f4741853
23b0d76286eeab211ade48186ca338dbb0b91ee363f1f7de8b3ff0be5a8388ba
240b8cad9e591f690ab9f22cf725f5e866db19653c3002040631ff2d7179b935
241186f85b02a24871a6d908b63f204132bec070ff700b175d3bcf0b3f12094a
2547cb8f7cd698f78c49f604d2ec948844529dd35b253d6257bec9fd5f80ce37
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2651408db87c4f32c3899dc3ef665d15061b5eeb2d0f72ffd33c2590a6c41fb0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2be5ec9833fb7e7cc366e1a51bf5f07978b7959c25a5426c4ee22fd9ab7f3e85
2d5c206c8047b47f0eb92bbe98c8e0d44060e9763b8426548c2c11b4c1547f98
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e68bdf94f42cdc9bcb7fb6471cc82bbdf3cee353dae1e5760a5d7068d9de1de
2e75a16aa7dfdd7077c391823eb4ebd9caf0fa95d94011c9c32530b9f98852b4
2f120c013f117dd73526021044518726d9ed96cb09a1a15763b32efb3b98bbf7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
3092d2490b86e1d81acb28151f6fb35e0e13c0f2c160b0fa9f2015b9212dcf10
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
32b35750d64b41c5f9b687771ac72724b05493d903d88e208674844a49a1a31f
3324aaa5dc3d7b5f08d4c2ac5cefe6e743e68f7668564c2e41b95bbfa55ae024
349a9300531f74e6fd0ad228702eedeff234c0e98b2f9a53f79941ac329c8247
34e74731b15d6d1f499cb8263612b932c8674f70a8c2ac310290ecf5a34e4a08
36321d70bbacd5eecd09163f19142f2d67932d40c963f02aaf9a094193af197a
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37d264524d1d0552a18a0b060154f1cc06b99c57fd60bfdfff5262c195465c43
3803d2015642be1938493a1607e9d96ae77f95edbbea1f4e5b077888b70f97f7
38dffcaf1fac89492f7c56c600a14daf36ae42f7c21985cd4134ae113124a58f
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39bdc26c4359e605686a0329643a8dd1c4708bb532d3ff406c3e1f3e73eaf75b
39dfed5eebe6f681c5a1bd1d12bc8c25950345380b614287afbfbc5da1cdab21
3c0516fcafa00527111c76221395af43ae0768f44f7b7b87e594212bc7da1214
3c5ef38ecfa737c7ec14e221c96402648de2b654f131a25b127189e54dd1a54e
3cd6ab1956be790ffbc733f6d1047b7ddf7838b1945310d9dbda637829064e9e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f90f532523d2d2ca759f623769330937fae4cc7e7917ae2d54d121beaded708
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42089c06ddf7f8f081e655b3538b4e3cc7a2d932bb3ea30965bf7e3c9d5422b5
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b60a65d794f06ef21cbd50283f71e960c5b9b0a654843f6b6ad5beabf8ba70
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b36688d913ee22f8ae0e3add7ae6d518f60329904d11590a8d85fa77bf7c8a
4771b6e6d80480ff9d9ca116255b55e6a618fe445961840333b32a1315255e50
47b142dad425dd3e330d84bfdfced3a4828c4f104792b49e158015a293b5ace9
4872436dcfca5a947a8944262130cc10acc1e8a3f53c92e912ba1bfa59b69454
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d4f36617293127698ebf21b02d450d5071f36d251c99e2739875235acc0b849
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e155284926ba010442d774fd493ff925a0256bd427f54596b1244791a3fa170
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4e695c5063a5c31b928704f07496b78749c90d5e5804edbdec30085564110c20
4eabcb8348f44fc589c7f67966245f6c4bcb3315d60f42e4522435c99b8aa4ba
4ee1c89f35280a59e607e8bb87e34ff7598381b18ce9a1e101a444f9b3fab07c
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
515239d8289639896f52c3be97bd5fd1c8c1694745f7c2bce5014933ef0b28b8
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
54cc0f3d82346b3ee0a3fb34186f6d3239cbbef511016130e1aa7dcbf1a48adc
5568b0c04d57efd8d9d46f706cf67abe094af69892aafad31166e70d6fc51165
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f45401a6b257061cabb9bb5f0d7ab2d7d8577097bd9ab17ea19f3086f9fc04
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
580c9732728168b6d52d88b58a1a89c30284ccf6e452ad49e00efd70714b9be8
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
58e214d293aaf47d992ebc2fc5dc0cae04e7ede7e0e5af4579c69b26557bf55b
59ea065b8cc493e8748942c3c09d06def55332dea87be8798905073c77dc2721
59feea7bc720ddcf41f4c1b173ebaeb9409eac62674546b140fd11adc04708a0
5a014ebb4e69cd96c9a1e14629f1b13e6dc3ebf1bdb8cd7f0e38d9017e9b54a1
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d713909b911eeaf4131716dd697f841431e039e3bb9c6432a5553df9accaa3e
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f536639638b01c81ed4348bfb05dbdd648a306823a4e39399fb5569f44a5ea7
5f9376c77618bf0ef43bcabf8228c9e2befde3731087b944e140a88c34066873
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6097be854240d73a3a5ea3bd0e43bcff0ba27eede5affa3f4f027622a41bb793
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
60e565d7b4541cd40d442e527af43d1dcf8e69b7ab833dfb8b769ccd137dae82
6113aa6c8b4abb8f3d9de3e13214876879785bf25ad316ec487578e4111509e6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
637ff471181e622f31d83a057609a2b6a9c7d0b3128b3c4d423a811c400a25ed
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
684852f26cc088af0c593108090c8ef97ea26ddf2891f1b1b52cc5c65b3d5b91
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
69a3cb12deceb66bc0c6e0fc50c30e892d7e73d4001a79d8b7332d4932e8209f
6a373c5b79ec9b010b70d6b619fe0fdcd50067ab10bb3d63449d4b6ccb77ce2f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c6b1c93c9ae9d22f80b9bed89359bbe511d625cc7c685c9f6c37a9beffc0680
6de06ffd6235f73dfd076ab1d78cbd035d16e7824c6ad5e7752abf37995fdab3
6df9e3b25ec20f5fb1a67ff4247474f9f84294628eec6081bc0e1c1e2a5001a9
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
70ebb327d7038dbe26f13b6f8688b65d77c4f46fe565fbe7d0d9302895407871
716984a7fcbaf6d6d6cc56fee107055f99154d251702b57aefcdcab4e44ba798
71790551cb76a760a03b1078ad4ac3a55943d81e1a1961625e97ad2527b3a73a
71901d0bfb12e511059d7b621e49bdd753e70355f8c44ab1e8418403a1404a6c
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670
71eda1dba82909d574153cd9f4e2759d44d342b983aa96295f9dff5cc1e64d42
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
721f01f7ac435b12df171ba12797e85092612ae1f5c755bb33124cf6c7ff6104
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a6cd94fab6c179392075d3fb361e269cdddfad41bb7ab385fa22a37e49a900
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bf01999214f1915ad22f312308a48cbb57250574172caf0ba4d138cbd5fbc3
751691faa151d0f7dfb720d2dd1685155988d67e7589328531ce30b7e9fa633a
75a7679494655793228abb99e12e66af7900cd62b3ef692125960942dc23e0a5
75d980aac2a526c75acacf6fa379329951500b5285530ed56e56838524b576f0
76e251ff2d6065bdd88fc4f9c22fde1ac676ba3e882122ac82e7390f6e381002
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
7740eedfa43b13a0c0ef57c77c72240b994238b5a5da8be3a9a32e3bdab60aa9
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
7800e3c307c07f97cd107a04d57cb6677817d306ac584f5ea752507580460ecd
786b5fdbb186450cd83c1c2ba7eeeaccb746c6704b59b1506f9a7c12c5194500
78c43cea3cce208b1072d2d281359266b8a223b5f8a31f6dd4423e0c119ada1d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79f0550393ce13fa34ccfb35fb3afc281d4e2dfa6c957490999011337b244f14
7aca3d54155244878c83a859bbaeed7407dfced9d5396ff11715b84c1f712396
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bab8552ef40273d5c6b442e9e2ef67622abba0557dbf06361eb72ddd237adfc
7d82d486b8545071a70b46cedb25a03410718abc3595ccf2bc17886653ebba48
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
7fb6cafd25204c08e023979c7b5715b5fefb88ae7291be72639841738b767400
81c18c6a1eebd0d4249f792956e0cfed7e81dc9dbef518227d62ec1818262c22
824213f800c8a2a4ca1f390f249881d603993020a17c9a35c517f7f5f2195cba
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8492927ddf7fb1c8035f93f681ec4a0bed6a5a4d1bca47d0b65b18189fb6950d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ec4da72379eabdb0c0c2d0601477301028ab91b44a322d0cad1973546bae83
86613139b1ac9e01af106a1bce6aa96c530dcd7b6542177787172dd9674e1544
870d9252784afb443cc7121d7359290e2f2c8b5b7c5d88676bfb4b693246f48b
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d
8900135ccc26cae8634c6c7e4fcba0a6ad86e166167aa82a551cd9cf38841cd3
8be33906a13c7418a9fa39d81f76255ec011b2acc3a26210cce6a0ef98a65ef0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
91a198fc0c19694e2b6606ec092803daf9528b8834681b3aa3fac11361068b4c
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
955c1f56059a3c7eee0bf9c21b3b1fbd5d6e2bd6be0f3ee31869e5970a4b0d67
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
95fd76851af3f44e93b5d341dbbb4f5cb6eb081a2c85f27813cf118bc2e6b784
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
96fe81fb6eecc4b876c31782224b5ebbac1ee7b20431e9ac1f218c8e8904a430
97925588a1439b864c607f5feca22339c6c6d5cd282a3443e6ef8d68e67e797e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99235240097ffe1c3ccf93f0275840df66a62f6ce406788402b06df413755d67
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cc9e872f073562fd2d2ba78857f8fb53d85a39f729b22fd181c1bdb493ec52
9a1e01c462c07c1fb53698e6ddb13d646c69e45b0bc68aaa77b9b938a1bcb47d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d170b6eb660ad5ff65d6c64e9fb34d0616f03623092d1ff4f43bff55d30176a
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
a02728d692b9feaf335d6f971501393bb968b638728ca51e166d98e0efab7439
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a121d9af00134f138414f42a73143d428bec1d3bf2b7e495ca07b6472b115f4d
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a74f52aca33eb80cffcf22d4c1715cc9ac93e00dfafed8b283a5583fc1b9a45f
a81d25118c6f7d835e9ca132b995b8aca46e3575ee4ab2136ab96ac8d5e4688b
a9017f676ee4e38fc77f91af55f8b7bdcad440a5a379039cbb913f0cbe39a39c
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abdb5706faa5986095c7ee7e87d7bbf02b68539a36e0c7e1082f0f33230f68ce
ac2b0b24d095a1cbd0b3a8a099a9df8c82013e2901a7a46a0a47c1b50d941e05
ac9644cef593fc6f416a995e76fe1da81a4593b00230419fc29d28bb7c96da89
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae4ccd04857833bd4bfd7943677e73432c2463a113c4537b7e80521da543121a
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
afa01ecd27ac63d99381cfee8202a5e4caf882c73f4ff79ccde5ecc09259011e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b078017f3a5881d5c8af75f15f00b363c0c7d3e6677981eb293e296e869a85b6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b78d690ebc80e62dc6cb535cfdf99832387c46c5c634908617f9cb6890a5f0
b3f586be89dbe3e93f12ebe1e62a2df139c8b0cd930aa77e792cde22c5933fd7
b403d49ae0d5aeefe18e920c1c1ddb2d6af76c41d9e5121dc73965626a2ce0fd
b44a995a7707fe6599af49e2702b429f8f13495db37ad27b32f7768ad4b0e594
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b7626b2bf7ba30dc8bba71a764785f59891c4d1a5483118f4eadf98fa983e753
b781bd9ec2791580b9a6e0e886562931140026e5a5597a8cdc97063febc7aa4f
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b926d84ed56f2239b061936da7b714dd10be0033a097264948c588f2d8c451d7
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bbf3c0801322e6b3000a664d3d7c410b9cf7c3a5cf9961098bb7bbe066e43240
bda9e4678d727076921c31d43fde85333e4cba1002982619ffe42e24f1d857fb
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c1b9adf8339750ad910b2316ceabb71d5e180c2afd37fa69d529601c3f396fd7
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24743351ba7b71940fa838374ab1bc7e33bb3268890d7777f0b13d541f2a1b0
c2d893147bdb85c6671c355db1a5e0147ab1c28d300d26f4aa7c3fb2996f42ea
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c4866c723c789cf04a4900008e83e9a923d0209e0ee11f32a679c3ece024e103
c50ffbb0d5049173748e6468980ae6811d8c7effecb8c7428984ea00734545fa
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c7697ac4d867ff6d0ccf97c2a342c11006e9ab74c609cae61deffa4a4a95b79c
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c7c793300f13fd3a34856f726d769507dac3a8390ea7c58088620b7572ce0336
c970fcaf36ed76bf570e31aa2b9a98dc065f8dafab887b38f497f9e556dbd46c
ca33220ac36e8d7bcf66167ba84a0c8780cacbaa0956ee8d80fb4a1b8591fd72
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1c2ddad0f9faebfa39f95ada9948064dcdf5377675c66f3021cbebee94f70a
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
cf31a053caf064aa8c0088c7b460619ed811b3379e5da3277b44ffec7e53d543
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d130321a24006111462ab2cfd822f0f8b9b493d5b2240e3aa2a6b4bbe223f596
d13109aed7495008b024a898a42be44994ca8de5615734a6e238966435e10c47
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d409a0633bf4577a8909f931efc35791643cd52e5db259a4ad8588e98dc6e929
d5e7e8c5932a8ded47df45f640eba849bfba7cfe1f3be177fe103f0b40828a38
d7904fab8aa39fa7ef706323029c5a5e291a4c3dd3284b89b4c176db1d3385a4
d7ae5a16c1890c44613e6e40818266e052783bbbd2b202836a5a7e014ece53a6
d7bb8f89246f3cab0ef1cbea671d9b7fb6fe8110564509ae29e05eb976593a39
d7edaf12469d1c0b2b65250f92f97d41ff9cb20e016ace6349e87bcd288ab0ec
d80a526b27ab21e20dd4b921eb2c975affe2af32939538acd5a7881609035f59
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d8d51877bc130c8836c299bdd0041e9c429537e019da2b80b2f9da5d9315940c
d8ed0cd9845e1bae3f6c1a630b35533038bcb495b67dce6633d453cacea1f8f0
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4b7510e941072e71d806b1a0e7e4f22f64df777254a23ba758fdf463590cef
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
deff6cb1d322776b0236f3c94e075ba8d2f6699058433479943b051fe7c303f7
df798667e48b7de8375bad4056d96aa02a0290b8ec4fa99ecea0837f28988603
df9407425c842a4c9648cbc742a30d5e21b2ffed257d83cb856570b34bf8dfd3
e021b9a406f77024dc0b6e31289fef29c0711a1c54fe8acd0abd3772268bb7b1
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10
e24b1ae75f0f3a77ef410bf8b538a7a4a27946f3c152c772f31ee4712940f8db
e37b2dfa8ba82e65e3d89e8932c4cc8e23e74d6117fda92d712ca841f49c9b29
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79
e56436c1b9a00879abe23ab6e72926a7afb3aeb1181bdd5b5dc2933e7c37286d
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e7934d040a6689c6bc27d34ffc89b2eee370941e271d005072fe31bb650bea16
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
e7e740a0060b5040bbcf90ef68aa4392624e02637103c5445b6934472e339fe1
e8263d6e378841b9b2253c5378a8c777964dc981e52c94f363437e54ab59db5b
e84d4890b1ef69b895ffdeba89cf25d6ac22d2b5c69e801c50e85f320f81c0ab
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e95437475799d63f51f8f4a964c2a3334f65f7aaf5e983f026146d4cb79cd7e6
e9c22bbd697c2822c6c490583ca1d86ef5ecaacd185e7590d43b6cbff7b11c25
ed1923c11bbc7476e5d70e84dc04a17d81d54a919c355280da0e3bd7b7697040
ed24c81f8f95e519a9703a474c7b15b7c6f3413d346332190b01a3ee86e59a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f09f980e23145b9675c2817230abbd93909299ca085bf1f05aa137d8b47d441f
f27df02646b039f3416255bfd9722fc82e64ce1ea9bf34443da85cf4a681d194
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f539bbcde043eb264e4a4e36a90118906a5eec82dbadaf999d5b20dac906c91a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6a16e1a98ca7a7675c9a984f427dcdc3000a4448ae4efdb9ba53b7a029a96a4
f94bb0ae5532e06fa22046d489fef28ff346b0919fcededf6ce181330615b2f7
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef
fa6838f52c5089098479e6ca29e91f152a6642ccffd32a9d8f77cce14db258b0
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbd5253e9e6e0032c6be10c874eba8c316a8e0adc387831f46416661b1908c38
ff1f3fd5c645b504972939187912b4404dfdb1fae2e9f864fd1961b07680d684
ff86791027138660afd5f4e533f066204d4fa2a9ce522be16e90a5fbcefd40c8